Technology and Information Rulebook
This version shall take effect on 19 June 2025. To review the previous version, please click here.
| This version shall take effect on 19 June 2025. To review the previous version, please click here. |
- Introduction
-
Part I – Technology Governance, Controls and Security
- A. Technology Governance and Risk Assessment Framework
- B. Cybersecurity Policy
- C. Cybersecurity – other Legal and Regulatory Obligations
- D. Cryptographic Keys and VA Wallets Management
- E. Testing and Audit
- F. Virtual Asset Transactions
- G. Algorithm Governance
- H. Business Continuity, Cybersecurity Events and Risk
- I. Chief Information Security Officer and Management
- J. Staff Competency
- K. Notification to VARA
- Part II – Personal Data Protection
- Part III – Confidential Information
- Schedule 1 – Guidance on Technology Governance and Risk Assessment Frameworks
- Schedule 2 – Definitions