對內管控部分,必須符合法律所要求應盡網路安全措施義務以及風險管理事項。像是美國保險監理官協會借保險資料安全示範法之提出,協助企業了解網路安全方面之職責,確保維護網路安全措施,並修復如保險公司和保單持有人間的紛爭,以及作為消費者根據法律資料安全標準提起資料洩露訴訟之標準[9];歐洲中央銀行(European Central Bank ,ECB)則是強調必須就資通訊風險進行綜合管理,包括資料秘密性、安全性和完整性等[10]。
Warren Gorham & Lamont, Report: Digital Transformation, Advanced Attacks, and Strict New Regulation Causing Turmoil Among US Financial Services Organizations and Putting Data at Risk, Internal Auditing Report, Jan. 2019.
Karni Chagal-Feferkorn, The Reasonable Algorithm, 115, 2018 U. Ill. J.L. Tech. & Pol’y 111.
James A. Allen, THE COLOR OF ALGORITHMS: AN ANALYSIS AND PROPOSED RESEARCH AGENDA FOR DETERRING ALGORITHMIC REDLINING, 235, 46 Fordham Urb. L.J. 219.
Koyejo-Isaac Idowu, The Insurance Data Security Model Law: Strengthening Cybersecurity Insurer-Policyholder Relationships and Protecting Consumers, 118-119, 24 Roger Williams U. L. Rev. 115.
Willem Van de Wiele, European Fintech: New Rules on The Way, 20, 37 No. 5 Banking & Fin. Services Pol'y Rep. 16.
Matthew W. Swinehart, Modeling Payments Regulation and Financial Change, 97-98, 67 U. Kan. L. Rev. 83.
Rory Van Loo , Digital Market Perfection, 117 Mich. L. Rev. 815.
Iris H-Y Chiu, Fintech and Disruptive Business Models in Financial Products, Intermediation and Markets- Policy Implications for Financial Regulators, 100-101, 21 J. Tech. L. & Pol’y 55.