Guidelines on Cybersecurity in the Financial Sector [Partial Amendment]

Financial Services Agency
2025-07-05
View Original fsa.go.jp

The partial amendment to the "Guidelines on Cybersecurity in the Financial Sector" announced by the Financial Services Agency on July 4, 2025, involves regulatory adjustments reflecting organizational restructuring associated with the enforcement of the Act on Establishing Related Laws for Strengthening Cyber Response Capabilities.

Key Points

Content of Organizational Restructuring

  • Partial enforcement of the Act on Arrangement of Related Laws Accompanying the Enforcement of the Act on Prevention of Damage by Unauthorized Activities on Critical Electronic Computers (Act on Establishing Related Laws for Strengthening Cyber Response Capabilities)
  • The Cabinet Office's "National center of Incident readiness and Strategy for Cybersecurity (NISC)" will be reorganized as the "National Cyber Coordination Office" as of July 1, 2027
  • Corresponding modifications made to relevant sections of the financial sector's cybersecurity guidelines in response to this organizational restructuring
  • This is a technical amendment to accommodate the change in organizational name, with no changes to the substantive content of the guidelines

Legal Position of the Amendment

  • Implemented as an amendment falling under Article 39, Paragraph 4, Item 8 of the Administrative Procedure Act
  • Classified as "arrangement of provisions naturally required by the enactment or amendment of other laws and regulations"
  • No public comment procedure conducted
  • Processed as a formal and technical modification accompanying legal amendments

Continuity of Guidelines

  • No changes to basic requirements or measures regarding cybersecurity
  • The framework of cybersecurity measures that financial institutions should implement remains unchanged
  • The financial sector's cybersecurity system will continue after the transition from NISC to the National Cyber Coordination Office
  • Impact on financial institutions' practices limited to reading the organization name differently

The article indicates that in response to organizational restructuring accompanying the strengthening of the government's cybersecurity system, technical amendments were made to maintain consistency in the financial sector's guidelines.

※ This summary was automatically generated by AI. Please refer to the original article for accuracy.