Page 30 - Technical report on SS7 vulnerabilities and mitigation measures for digital financial services transactions
P. 30
ANNEX B
Template for a model MOU between a telecommunications regulator
and central bank related to DFS security
B.1 BASIS OF THE MOU B.2 AREAS OF COOPERATION AND
COOPERATION STRATEGIES
In recognition of the growing convergence of telecom-
munications and financial services in what has been GENERAL PROVISIONS
identified as ‘Digital Financial Services,’ the Authorities
have identified a need for Regulatory interaction and B.2.1 The parties agree to cooperate in their respective
collaboration to ensure the integrity, security, stability roles in dealing with matters relating to:
and protection of participants and end users relating to
the provision of these services. a) DFS generally;
The CENTRAL BANK and the NATIONAL TELECOM- b) Full and fair access to, security, and reliability of all
MUNICATIONS REGULATOR shall cooperate with each components of DFS in (the country);
other for the oversight and supervision of DFSPs and
MNO communications networks under their respective c) Consumer Protection; and
financial and telecommunications mandates to ensure d) Any other relevant areas of possible collaboration
the highest levels of security, reliability, consumer pro- between the Authorities.
tection, fair and equitable access to facilities, and con-
fidentiality. B.2.2 The cooperation between the CENTRAL BANK
Recognizing too that both the CENTRAL BANK and and NATIONAL TELECOMMUNICATIONS REGULATOR
the NATIONAL TELECOMMUNICATIONS REGULA- shall focus around the following issues and processes:
TOR each have limited scope of supervision and over-
sight of components of DFS, this MOU is entered into a) Exchange of any relevant information;
to establish the manner in which the authorities will b) Mutual capacity building;
jointly oversee, supervise, and interact with each other
in respect of any matters relating to DFS that touch on c) Investigation of any incident, issues and cases relat-
their respective mandates and remits, and so together ing to the scope of this MOU;
strengthen and/or address any gaps in the Regulatory, d) Joint or individual hearings, as needed;
supervisory and oversight framework for DFS in (the
country). e) Use of common systems for DFS transaction moni-
This MOU is entered on the basis of mutual respect, toring
in a spirit of goodwill, and does not affect the indepen- f) Fostering competition and promoting a level playing
dence of the two Authorities hereto. field for all participants of a DFS ecosystem;
This MOU aims to promote the integrity, efficiency
and efficacy of participants by improving effective g) Dispute resolution between providers, and between
regulation and enhancing the supervision of DFS. consumers as end users;
h) Development, monitoring and enforcement of rele-
vant provisions of respective laws, by-laws, guide-
lines or regulations where these may relate to DFS;
i) Consultations on amendments to existing laws,
guidelines, by-laws, or regulations where these may
relate to DFS;
28 • Technical report on SS7 vulnerabilities and mitigation measures for digital financial services transactions
