Welcome to Manifest-I

Welcome to Manifest-I the blog of Manifest Information Services Ltd. Here we take a wide ranging view of topical governance and stewardship issues. Please feel free to add your comments and join the debate. Sign up to receive free weekly updates.

Manifest is a signatory of the Best Practice Principles for Shareholder Voting Research

Delivering Diverse Viewpoints

In the pursuit of secure investment returns, diverse viewpoints based on high-quality data and varied information are critical for portfolio construction. We believe that share ownership is no different. Manifest intelligently navigates the complexities of global governance and voting delivering actionable and defensible stewardship insights.

Manifest: showing, not telling

Get in touch to find out more about Manifest's governance research, data and advisory services

EU takes action on cyber-security

The European Union (EU) has reached an agreement on new legislation which will improve cyber-security across all member states. The European Commission proposed the directive in 2013 and an agreement on its content was reached by the EU Council of Ministers and the European Parliament on 7th December.

The Commission is keen to ensure a high common level of network and information security (NIS) in the EU but recently our computer information systems have been affected by an increasing number of security incidents. The new rules will:

  • improve cybersecurity capabilities in Member States
  • improve Member States’ cooperation on cybersecurity
  • require operators of essential services in the energy, transport, banking and healthcare sectors, and providers of key digital services like search engines and cloud computing, to take appropriate security measures and report incidents to the national authorities

The text of the directive will now be formally approved by the European Parliament and the Council. After that it will be published in the EU Official Journal and will officially enter into force. Member States will have 21 months to implement this Directive into their national laws and 6 months more to identify operators of essential services.

The Commission said it would launch a public-Private partnership on cybersecurity in 2016,as announced in its Digital Single Market strategy published in May this year.

Meanwhile, the Committee on Payments and Market Infrastructures (CPMI) and the Board of the International Organization of Securities Commissions (IOSCO)  has released a consultative paper, Guidance on cyber resilience for financial market infrastructures , 

The CPMI said that as financial market infrastructures (FMIs) play a critical role in promoting the stability of the financial system the cyber risks they face, and their level of readiness to effectively deal with worst case scenarios, have been considered top priorities by industry leaders and authorities alike. The Guidance aims to add momentum to and instill international consistency in the industry’s ongoing efforts to enhance FMIs’ ability to pre-empt cyber attacks, respond rapidly and effectively to them, and achieve faster and safer target recovery objectives if they succeed.

Mr Greg Medcraft, Chairman of IOSCO, added: “The proposed Cyber Guidance is the culmination of extensive collaboration between IOSCO and the CPMI. It reflects an urgency to address the increasing risks that cyber threats pose to FMIs and financial stability, as well as the need for a coordinated approach. At the FMI level too, cyber resilience cannot be achieved by individual institutions alone in our highly interconnected financial sector. The broader ‘ecosystem’ needs to work in unison. The Guidance calls upon the ecosystem to do just that. We hope to collaborate with all stakeholders to meaningfully enhance the cyber resilience of our financial system as we refine these proposals and later implement them.”

The consultative report is available on the websites of the Bank for International Settlements and IOSCO. Comments on the report should be submitted by Tuesday 23 February 2016 via e-mail to both the CPMI Secretariat and the IOSCO Secretariat.

Manifest’s research has found that UK’s  largest companies still need to do more to combat the risks posed by cyber attacks and that investors need to monitor companies to ensure they are taking these risks seriously. For a copy of this research email info@manifest.co.uk.

What do you think?