Evolution of the Module
RM-A.2.1
This Module was first issued in October 2010. Any material changes that have subsequently been made to this Module are annotated with the calendar quarter date in which the change was made: Chapter UG-3 provides further details on Rulebook maintenance and version control.
RM-A.2.2
A list of recent changes made to this Module is provided below:
Module Ref. Change Date Description of Changes RM-A.1.3 01/2011 Clarified legal basis. RM-2.1.2 10/2017 Amended Paragraph to allow the utilization of cloud services. RM-2.1.4A 10/2017 Added a new Paragraph on outsourcing requirements. RM-2.1.7 10/2017 Amended Paragraph. RM-2.1.9 10/2017 Amended Paragraph. RM-2.1.11 10/2017 Amended Paragraph. RM-2.1.13 10/2017 Added a new Paragraph on outsourcing. RM-2.1.15 10/2017 Amended Paragraph. RM-2.2.9 10/2017 Amended Paragraph. RM-2.2.15 10/2017 Amended Paragraph. RM-2.2.16 10/2017 Added a new Paragraph on security measures related to cloud services. RM-2.3.2 10/2017 Amended Paragraph. RM-1.5.5 01/2021 Added a new Paragraph on electronic fraud. RM-1.5.6 01/2021 Added a new Paragraph on electronic fraud awareness. RM-3 01/2022 Added a new Chapter on Cyber Security Risk Management. RM-3.1.61 04/2022 Deleted reference to BR. RM-3.1.58 04/2022 Amended Paragraph on cyber security incident reporting. RM-3.1.59 04/2022 Amended Paragraph on submission period of the cyber security incident report. RM-2 07/2022 Replaced Chapter RM-2 with new Outsourcing Requirements. RM-3.1.22 10/2022 Amended Paragraph on email domains requirements. RM-3.1.22A 10/2022 Added a new Paragraph on additional domains requirements. RM-1.5.7 – RM-1.5.9 07/2023 Added new Rules on secured customer authentication requirements.
