A BCG Company

IT Regulatory Risk

The complexity of the regulatory environment in Asia, where international banks can have to deal with over 20 different regulators, has driven Expand to create the IT Regulatory Risk Working Group.  This consists of regular meetings between the regional heads of IT risk, where the latest regulatory evolutions are discussed, with focus on their impact on technology.

Topics are member-driven and agreed ahead of schedule. Sessions are held under Chatham House (Vegas) rules, no comments or discussion topics are made public or attributable to firms or persons in the room.

Who is it for?

  • APAC Regional heads of IT Risk and/or Security


  • 6 sessions a year, with additional topical sessions when necessary

Why do it?

Ensuring regulatory compliance in a constantly evolving environment is a complex task that all IT Risk Managers are required to tackle. The working group allows the participants to share insights on new regulations, and to respond to regulatory demands in a coordinated and efficient manner.

What you get

  • Access to a database of industry insights on local regulations, collected over the last 3 years
  • Opportunity to gain insights directly from a number of third parties (FS-ISAC, Interpol, some regulators)
  • Quick feedback from peer banks outside the sessions when facing a challenging regulatory situation

Past session highlights

  • Cyber security
  • End-user computing
  • MAS TRM guidelines
  • HKMA BYOD circular and Customer data protection
  • OJK on-shoring requirements
  • CBRC’s application of safe and controllable technologies

Next Steps

To find out more, please use the form below. Alternatively, contact your local office using the below phone numbers.


Tel: +44 (0)20 7337 2100


Tel: +1 (212) 913 9270


Tel: +65 6823 1460


I agree to the processing of my information as explained in the Privacy Policy

I agree to the Terms of Use

* Mandatory Fields


What is your main challenge?

Which product would you like to explore?