The Australian Department of Home Affairs (DHA) and the Reserve Bank of Australia (RBA) have taken a significant step towards improving the nation’s cybersecurity resilience by signing a Memorandum of Understanding (MoU) aimed at fortifying the security of critical infrastructure. This landmark agreement, formalized in October 2024, underscores the importance of collaboration between government and financial regulatory bodies in safeguarding essential systems that are vital to the nation’s economic and social stability. It specifically addresses critical payment systems and the entities responsible for managing them, as outlined under the Security of Critical Infrastructure Act 2018 (SOCI Act).
A key aspect of the MoU is the commitment of both agencies to work together in reducing the regulatory burden on entities managing critical infrastructure assets. The agreement ensures that the DHA and RBA will avoid unnecessary duplication of efforts, particularly in information collection and reporting. The RBA, as the primary regulator for critical payment systems, will work closely with the DHA to ensure a unified approach to risk management, reporting, and compliance with the SOCI Act. This partnership aims to streamline processes and ensure that regulatory measures do not place undue strain on responsible entities.
The MoU also outlines the importance of continuous consultation and information sharing between the DHA and the RBA. Both agencies will keep each other informed about significant issues relating to critical payment system assets and consult on matters that may impact the regulatory responsibilities of either party. This collaborative effort will promote a more coordinated response to emerging risks and security challenges. Furthermore, it sets clear guidelines for the protection of sensitive information, ensuring compliance with the Commonwealth Protective Security Policy Framework and relevant privacy laws.
This MoU forms part of a broader effort to enhance Australia’s cyber resilience across all sectors. Earlier in the week, the DHA’s Cyber and Infrastructure Security Centre (CISC) announced the designation of 46 additional critical infrastructure assets as Systems of National Significance, increasing the total number to over 200. These systems span a range of sectors, including energy, communications, transport, and financial services, and their inclusion highlights the Australian government’s commitment to improving the security of essential services.
Reference: