Prescriptive, “Rules-Based” Regulation is Key to Enhancing Cybersecurity in Financial Institutions

There is much debate in the compliance community about the virtues and drawbacks of a “principles-based” versus a “rules-based” regulatory approach in ensuring effective compliance with regulatory obligations. On the one hand, in “principles-based” regulation agencies establish broad but well-articulated principles that a business is expected to follow. There is clarity about the regulatory objective,…

Read More