Skip to Primary Navigation

Skip to main content

FCA confirms new incident and third-party rules after cyberattacks

Illustration of a hacker behind a computer screen.
Updated rules will help bolster resilience and protect customers. Photo: Chesnot/Getty Images.

Hameed Shuja

2 min read
 Click to share on Facebook (Opens in new window/tab) Click to share on Twitter (Opens in new window/tab) Click to share on LinkedIn (Opens in new window/tab) Click to share on WhatsApp (Opens in new window/tab)

Regulator says new rules will make existing incident and third-party reporting clearer, more consistent, and easier for firms to follow.

The UK’s FCA has confirmed its final rules and guidance setting out requirements for reporting operational incidents and material third-party arrangements. The move follows a wave of serious and damaging cyberattacks against commercial and government entities over the past year.

The new single regimes, which will apply from March 18,detailed

Register for free to keep reading

To continue reading this article and unlock full access to GRIP, register now. You’ll enjoy free access to all content until our subscription service launches in early 2026.

  • Unlimited access to industry insights
  • Stay on top of key rules and regulatory changes with our Rules Navigator
  • Ad-free experience with no distractions
  • Regular podcasts from trusted external experts
  • Fresh compliance and regulatory content every day
Register for free
Sign in
, , , , , , , , , , , , , ,