OREANDA-NEWS. Major rating agencies are to stipulate in their by-laws which methods they will use to ensure safety and protection of information they obtain from market participants being rated as well as that of analytics serving as a bais for rating actions.

This requirement is due to be embodied in a draft Bank of Russia Ordinance, the regulator publishes today on its site.

Agencies, in particular, will be required to draw up information backup and recovery arrangements as part of business continuity plans to address potential breakdowns. They will also have to provide for measures to counter unauthorised access by both staff and outsiders. Additionally, agencies will be supposed to develop information safety accident detection and response systems. At least once a year or as required by the regulator, credit agencies will have to audit their current information protection arrangements.

Credit agencies will need to assign dedicated structural subdivisions or officers to be responsible for information protection and safety.

The regulation is envisaged to become effective in the second half of 2016.