ARTICLE
12 July 2024

New Draft Information Security Guideline Released For Pension Plans

sL
Lawson Lundell LLP

Contributor

Lawson Lundell LLP logo
Lawson Lundell is a leading full-service law firm, known for our strategic approach to legal services. With over 160 lawyers, and offices in Vancouver, Calgary, Yellowknife and Kelowna, we are widely recognized for our depth of experience and innovative solutions to complex business law and litigation matters across various sectors.
Explore
Lexpert Firm Profile
On July 8th, the B.C. Financial Services Authority ("FSA") released a new draft Information Security Guideline, and opened a consultation period set to close on September 6th, 2024. The new draft Guideline...
Canada Employment and HR
Photo of Lisa Chamzuk
Photo of Jessica Kim
Authors
To print this article, all you need is to be registered or login on Mondaq.com.

On July 8th, the B.C. Financial Services Authority ("FSA") released a new draft Information Security Guideline, and opened a consultation period set to close on September 6th, 2024. The new draft Guideline will apply exclusively to pension plan administrators ("PPA").

As you may recall:

  • In January 2021, B.C. FSA released a draft Information Security Guideline which applied to each of the institutions for which B.C. FSA has oversight responsibilities (credit unions, insurance companies, mortgage brokers and pension plans);
  • Pension plan administrators expressed some concern that the guidance was too prescriptive for PPAs in light of their circumstances, mandate and resources, when compared with these other industries;
  • B.C. FSA's response was to revise the Information Security Guideline to leave the more prescriptive rules in place for the other three regulated industries and adopt a more principles based approach for PPAs.

Since that time, B.C. FSA worked with a Task Force drawn from pension plan administrators to develop the new, pension specific draft Information Security Guideline.

While a pension specific Information Security Guideline is welcome, PPAs should be aware that the draft Guideline contains more prescriptive expectations for PPAs than are set out in the current Information Security Guideline. For example:

  • The draft Guideline provides that PPAs are expected to inform plan beneficiaries and members about "material" incidents that have an impact on benefits, financial or personal interests, which is not an express expectation in the current Guideline;
  • The draft Guideline provides greater clarity about what B.C. FSA will view as a "material" incident;
  • The draft Guideline is more prescriptive about a PPA's reporting obligation to the B.C. FSA in the event of a material incident.

We encourage you to review the Guideline prior to the close of the consultation period (September 6th, 2024) to determine if you wish to make a submission and in any event to consider whether and how to ensure that your plan will be able to comply with the new Guideline.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Lisa Chamzuk
Lisa Chamzuk
Photo of Jessica Kim
Jessica Kim
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More