As previously blogged, on 5 August 2020, the Commerce Commission released two reviews into an October 2019 security incident arising from the theft of computer equipment belonging to one of the Commission’s external providers in a burglary. The equipment contained a range of documents relating to the Commission’s work including confidential information provided to the Commission by businesses and individuals.
More details can be found at https://comcom.govt.nz/about-us/strategic-planning-and-accountability-reporting/security-incident-october-2019
A common contractual term relating to confidentiality between two parties might state that they will both, “take all steps practically possible to prevent any unauthorised use or disclosure of any Confidential Information.”
The question then arises as to how each entity can obtain ongoing assurance that the other is acting in compliance with this agreement.
With the Financial Markets (Conduct of Institutions) Amendment Bill progressing through Parliament, this question can be extended to consider how banks, insurers and non-bank deposit takers will be able to obtain the required ongoing assurance that their respective intermediaries are fulfilling the conduct obligations being imposed by this proposed legislation.