IT supervision at banks Course level II
02 June 2022
Against the backdrop of digital transformation, information technology is becoming more and more important to the functioning of banks. At the same time, however, these technologies bear great potential for abuse and may be a source of negligence and threats, both internal and external. Supervisors therefore need to focus their attention on the risks associated with the use of information technology.
This course gives an overview of current practices with regard to IT supervision at banks from both a regulatory and practical perspective. The course will describe the general framework in the EU and its transposition into German law and regulatory practice. The sessions will also discuss typical issues faced by banks with respect to IT, shed light on the evaluation techniques used by supervisors in their review and evaluation process (SREP) and highlight specific IT issues depending on participants’ specific interests.
Active participation is expected in this course, and participants should be prepared to discuss typical issues and problems faced in the IT usage of banks under their supervision.
- Day 1:
- Introduction to the course, tour de table of participants backgrounds and interests
- Overview of the European and German banking systems and supervision systems
- Introduction to IT Security
- Overview of the European and German laws and regulations for IT supervision
- Minimum requirements for risk management with focus on IT and outsourcing requirements
- Day 2:
- Introduction to IT supervision
- Setting up an on-site inspection for IT
- Deep dive on selected topics (e.g. user access rights, application development, outsourcing management)
- Day 3:
- Gathering off-site information for the supervisory review and evaluation process for IT (IT SREP)
- Typical findings from on-site inspections in Germany
- Group work: Understanding and evaluating an on-site inspection report for IT
Policymakers in banking supervision, on-site and off-site inspectors, IT auditors. Participants should have at least an intermediate understanding of banking supervision and information technology.
Please apply online by clicking on the registration button within the application period.