Copyright_millenius_123RF

The British Columbia Financial Services Authority is releasing a stand-alone information security guideline for pension plan administrators based in the province.

The guideline, which will come into effect on July 1, 2025, aims to help mitigate information security risks and ensure timely reporting of material security incidents, according to a press release. Until then, all provincially regulated financial institutions, including pension plan administrators, are expected to follow the information security guideline for provincially regulated financial institutions that was issued in 2021 and came into effect in September 2022.

The new guideline, which is the first in B.C. specifically for pension plan administrators, aims to harmonize with other pension regulators, simplify incident reporting and clarify the definition of a material incident.

Read: Sounding Board: How pension IT risk management guidance will impact plan sponsors

A pension plan administrator’s governing body is ultimately responsible for overseeing the prudent management of information security risks, according to the guideline. “PPAs will need to demonstrate that they have familiarized themselves with industry accepted practices for plan governance, including the Canadian Association of Pension Supervisory Authorities guideline on pension plan governance and other CAPSA guidelines as applicable.

The guidelines also states that administrators should: ensure written governance policies recognize information security as a material risk; identify all participants who have authority to make decisions in respect of those structures, processes and controls and describes the roles, responsibilities and accountabilities of those participants; and establish an ongoing process to identify the educational requirements and skills necessary for the administrator to perform his or her duties in relation to information security.

Read: Public DB plans driving pension software sector growth: report