Print Article

GFSC Consultation Paper on regulated firms Cyber Security Rules and Guidance  


The Guernsey Financial Services Commission [GFSC] has issued a Consultation Paper seeking views from interested parties on proposed Cyber Security Rules and an accompanying Guidance Note for all licensed entities under the various supervisory laws.

The set of rules and accompanying guidance follow 5 core principles:

  1. Identify,
  2. Protect,
  3. Detect,
  4. Respond and

The Guidance that accompanies the Rules provide examples of how firms should apply the Rules, proportionately given the size, nature and complexity of its business.

The Guidance recognises the speed at which Cyber Risk evolves and consequently suggests some minimum requirements but does not provide an exhaustive list of controls and mitigants.

A copy of the Consultation Paper, Draft Rules and the Draft Guidance can be found here: