The British Columbia Financial Services Authority has issued a new Information Security Incident Reporting Guideline setting expectations for timely reporting of material information security incidents by extraprovincial insurance corporations and extraprovincial trust corporations that affect British Columbians. The guideline comes into effect on January 1, 2026. The requirements apply to insurance and trust corporations authorized to conduct business in British Columbia but incorporated federally or in other provinces, and cover material incidents including cybersecurity threats that could compromise critical services or sensitive information.
British Columbia Financial Services Authority 2025-03-25
British Columbia Financial Services Authority releases information security incident reporting guideline for extraprovincial insurers and trust corporations effective January 1, 2026
The British Columbia Financial Services Authority has released an Information Security Incident Reporting Guideline for extraprovincial insurance and trust corporations operating in British Columbia. Effective January 1, 2026, the guideline mandates timely reporting of material incidents, including cybersecurity threats, that may impact critical services or sensitive information.