The article first addresses the key concepts of the Draft CRA and provides a comparative analysis with regard to both existing and prospective cybersecurity regulations in China and Singapore (II.). This is followed by an outline of the powers granted to public authorities in the event of non-compliance with legal requirements, in particular the power to impose administrative fines (III.). The article concludes with comparative observations regarding the key issues analysed for the three regions (IV.).

This paper first provides background on the existing Office of the Superintendent of Financial Institutions (OSFI) B-10 guideline (I.), provides an overview of the proposed updates to the existing B-10 guideline introduced by OSFI in the new Draft B-10 Guideline (II.), outlines some of the key issues FRFIs will need to address due to the new Draft B-10 Guideline (III.), and highlights the next step steps for FRFIs to adopt to the new Draft B-10 Guideline (IV.). This paper then continues by providing an overview of Guideline B-13 and its structure compared to the EU Draft Digital Operational Resilience Act (V.), discusses next steps for FRFIs to adapt to Guideline B-13 (VI.), and concludes with an assessment of the impact on FRFIs on having two “new” Guidelines to now have to implement (VII.).

The article takes a closer look at the recent UK Data Protection and Digital Information Bill identifying the driving forces behind it (I.). The analysis of seven key issues (II.) reveals where and how UK data protection would deviated from the EU approach in the future. Given the UK’s current preoccupation with government stability, it remains to be seen whether the maxim “legislate in haste, repent at leisure” will become applicable (III.).