This new licence condition will focus on business continuity and technology systems. It will apply to the following types of market service licences:

• Managers of registered schemes (excluding restricted schemes).
• Providers of discretionary investment management services.
• Derivatives issuers.
• Prescribed intermediary services (peer-to-peer lending providers and crowdfunding service providers).

What is the new standard condition?

The new standard condition requires licence holders to have and maintain a business continuity plan that is appropriate for the scale and scope of its service. Licence holders will also be required to make sure that their critical technology systems are operationally resilient. If the licence holder suffers an event that materially affects the supply of its service, it must notify the FMA as soon as possible, or no later than 72 hours after it has determined the event is a material incident. 

New incident reporting process

Alongside the rollout of the new standard condition, the FMA is introducing a new process for reporting incidents. Most market services licence holders must inform the FMA of any event significantly affecting the operational resilience of their critical technology systems. This encompasses events causing substantial disruption to the licensee's market service provision or adversely impacting recipients of those services.

To streamline reporting, the FMA has launched a secure online notification form for licence holders. This form includes essential information required during reporting and provides clear instructions for licence holders. It aims to be user-friendly and is designed to align with the Reserve Bank's cyber incident notification process for entities regulated by them.

For updated standard conditions specific to each licence type, the FMA has published details accessible here. 

If you have any questions about the new standard condition or reporting process and what it means for your business please get in touch.