APRA clarifies expectations on use of multi-factor authentication
The Australian Prudential Regulation Authority (APRA) has written to all APRA-regulated entities on the importance of using multi-factor authentication (MFA) as one of the most effective tools to prevent unauthorised access to sensitive information.
The letter outlines APRA’s observations on gaps in the implementation of MFA across its regulated industries, and notes APRA’s expectation that entities review the coverage of MFA in their operating and technology environments.
The letter is available on the APRA website at: Use of multi-factor authentication (MFA).
Media enquiries
Contact APRA Media Unit, on +61 2 9210 3636
All other enquiries
For more information contact APRA on 1300 558 849.
The Australian Prudential Regulation Authority (APRA) is the prudential regulator of the financial services industry. It oversees banks, mutuals, general insurance and reinsurance companies, life insurance, private health insurers, friendly societies, and most members of the superannuation industry. APRA currently supervises institutions holding around $9 trillion in assets for Australian depositors, policyholders and superannuation fund members.