Changeflow GovPing Banking & Finance Research Report on Third-Party Cybersecurity Ri...
Routine Guidance Added Final

Research Report on Third-Party Cybersecurity Risk Management for Financial Institutions

Favicon for www.fsa.go.jp Japan FSA Press Releases
Published April 3rd, 2026
Detected April 3rd, 2026
Email

Summary

Japan's Financial Services Agency published a research report on third-party cybersecurity risk management for financial institutions. The FSA commissioned Deloitte Tohmatsu Cyber LLC to examine management practices among major banks and large insurance companies in the United States, European Union, and United Kingdom. The report provides provisional English translations for industry reference.

View original document View source feed page

What changed

The FSA published a research report titled 'Strengthening the Management of Third-Party Cybersecurity Risks by Financial Institutions,' examining cybersecurity risk management practices adopted by major financial institutions in the US, EU, and UK. The study was commissioned to Deloitte Tohmatsu Cyber LLC and covers how banks and large insurance companies manage third-party cybersecurity risks. Two PDF versions are available: a 714KB summary report and a full 1,389KB report.

Regulated entities in Japan should review this research report to understand international best practices for third-party cybersecurity risk management. While the report is informational and non-binding, compliance teams should consider integrating these international standards into their own third-party risk frameworks. The report is available in English translation through the FSA website, with contact provided through the Office of Policy Coordination for IT Risk, Cybersecurity and Economic Security.

Source document (simplified)

Japanese

April 3, 2026

Financial Services Agency

Publication of the Research Report,

“Strengthening the Management of Third-Party Cybersecurity Risks by Financial Institutions”

The FSA commissioned Deloitte Tohmatsu Cyber LLC to conduct a “Strengthening the Management of Third-Party Cybersecurity Risks by Financial Institutions”.

In light of the growing importance of third-party cybersecurity risk management, the study examined management practices adopted by major banks and large insurance companies in the United States, the European Union, and the United Kingdom.

The provisional English translation is provided below.

Telephone:+81-(0)3-3506-6000 (ext.2217, 3850)

Site Map

About FSA Ministerial Team Organization Location Pamphlet Open Policy Lab Press Releases & Public Relations Press Releases Press Conferences Official Statements FSA Weekly Review & ACCESS FSA Speeches For Financial Users Others Archives Policies & Councils Policies Councils Laws & Regulations Name of Laws and Regulations(PDF)
 Recent Changes (Legislation, Ordinances, Guidelines) Guidelines Financial Instruments and Exchange Act Financial Monitoring Policy Public Comment No-Action Letter System Procedures concerning Foreign Account Management Institutions Regulated Institutions List of Institutions Administrative Action Statistics For those engaging in High Speed Trading To Operators of Specially Permitted Businesses for Qualified Institutional Investors, etc. Asia Region Funds Passport (ARFP) FSA Weekly Review & ACCESS FSA Back Number (2022) Back Number (2021) Back Number (2020)


top of page

Related changes

Favicon for www.fsa.go.jp Third Expert Panel Meeting on Corporate Governance Code Revision
Routine Mar 31, 2026 Japan FSA Press Releases Banking & Finance
Favicon for www.fsa.go.jp Revision of AML/CFT Guidelines for Financial Institutions
Priority review Mar 31, 2026 Japan FSA Press Releases Banking & Finance
Favicon for www.fsa.go.jp GLOPAC 28th Training Program for Overseas Banking Regulators
Routine Mar 31, 2026 Japan FSA Press Releases Banking & Finance
Favicon for www.cisa.gov TrueConf Client Vulnerability - Arbitrary Code Execution via Updates
Urgent Apr 03, 2026 CISA Known Exploited Vulnerabilities (KEV) Data Privacy & Cybersecurity
Favicon for changeflow.com Linguistic authentication patent for access using language affinities
Routine Apr 03, 2026 ChangeBridge: Patent Apps - Networking (H04L) Telecom & Technology
Favicon for changeflow.com Service Access Method with Authorization Certificates and Routing Nodes
Routine Apr 03, 2026 ChangeBridge: Patent Apps - Networking (H04L) Telecom & Technology

Source

Favicon for www.fsa.go.jp
Japan FSA Press Releases fsa.go.jp/en/news/index.html
Banking & Finance
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
FSA
Published
April 3rd, 2026
Instrument
Guidance
Legal weight
Non-binding
Stage
Final
Change scope
Minor

Who this affects

Applies to
Banks Insurers
Industry sector
5221 Commercial Banking 5241 Insurance
Activity scope
Cybersecurity Risk Management
Geographic scope
Japan JP

Taxonomy

Primary area
Cybersecurity
Operational domain
Compliance
Compliance frameworks
NIST CSF
Topics
Banking Financial Services

Browse Categories

Agriculture & Food Safety 63 AI Regulation 3 Banking & Finance 266 Consumer & Competition 1 Consumer Protection 43 Courts & Legal 358 Data Privacy & Cybersecurity 74 Defense & National Security 52 Education 20 Energy 101 Environment 85 Government & Legislation 274 Healthcare 135 Housing 16 Immigration 9 Insurance 58 Labor & Employment 113 Legal & Courts 1 medical-board 1 Pharma & Drug Safety 103 Securities & Markets 104 Tax 65 Tax & Revenue 1 Telecom & Technology 47 Trade & Sanctions 124 Transportation 57

Get Banking & Finance alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.

Get alerts for this source

We'll email you when Japan FSA Press Releases publishes new changes.

Optional. Personalizes your daily digest.

Free. Unsubscribe anytime.