A BCG Company

IT Regulatory Risk Platform

Since 2011, Expand Research has pioneered out of Singapore the TRWG (IT Regulatory Risk Working Group), a research platform assisting global and regional financial institutions in navigating the complexity of the financial services regulatory landscape in Asia-Pacific.

The platform provides a horizon scanning of regulations in the region and enables member participants to engage an industry peer group on key thematic subjects within the area of technology risk, exchanging industry experience and performance metrics on the different approaches of technology regulatory risk compliance. The TRWG also provides an opportunity for member banks to field specific and customized poll questions to their peers, allowing for quick insights in between session meetings.

The TRWG holds regular roundtables among IT risk regional heads of international banks, held across Hong Kong, Singapore and Australia. Topics are member-driven and agreed ahead of schedule. Sessions are held under Chatham House (Vegas) rules, no comments or discussion topics are made public nor are they attributable to firms or persons in the room.

Who is it for?

  • APAC Regional heads of IT Risk and/or Security


  • 6 sessions a year, with additional topical sessions when necessary

Why do it?

Ensuring regulatory compliance in a constantly evolving environment is a complex task that all IT Risk Managers are required to confront. The constant touchpoints in the TRWG allows member participants to uncover and adapt themselves to industry’s best practices and react to new and ongoing regulations.

Our research provides industry insights that can be used to validate banks’ own internal findings and be integrated into its own decision-making process.

What you get

  • Access to a database of industry insights on local regulations
  • Opportunity to gain insights directly from a number of third parties (FS-ISAC, Interpol, some regulators)
  • Quick feedback from peer banks outside the sessions when facing a challenging regulatory situation
  • Monthly newsletters with recent regulatory developments related to technology risk and FinTech

Past session highlights

  • Cyber security
  • End-user computing
  • MAS TRM guidelines
  • HKMA BYOD circular and Customer data protection
  • MAS Notice 655 on Cyber Hygiene
  • SFC circular on use of EDSPs (External Data Storage Providers)
  • BCP measures during COVID-19

Next Steps

To find out more, please use the form below. Alternatively, contact your local office using the below phone numbers.


Tel: +44 (0)20 7337 2100


Tel: +1 (212) 913 9270


Tel: +65 6823 1460


    I agree to the processing of my information as explained in the Privacy Policy

    I agree to the Terms of Use

    * Mandatory Fields


    What is your main challenge?

    Which product would you like to explore?