top of page

DATA PROTECTION POLICY

Confidentiality. Security. Institutional Responsibility.

International Commerce Bank Singapore (“ICBANKSG,” “the Institution,” “we,” “our,” or “us”) is committed to maintaining the highest standards of data protection and information security.

This Data Protection Policy outlines the principles and controls governing the collection, storage, processing, and protection of personal and corporate data within our institutional framework.

1. Policy Objective

The objective of this Policy is to:

  • Safeguard confidential client and institutional data
  • Ensure structured data governance practices
  • Mitigate cybersecurity and operational risks
  • Maintain regulatory and compliance alignment
  • Preserve institutional trust

Data protection is integral to our governance architecture and operational integrity.

2. Categories of Data Covered

This Policy applies to:

  • Personal identification information
  • Corporate documentation
  • Financial records
  • Compliance and due diligence materials
  • Transactional data
  • Digital access credentials
  • Internal institutional records

All categories of data are handled under strict confidentiality controls.

3. Data Collection Principles

ICBANKSG collects information only where necessary for legitimate institutional purposes, including:

  • Client onboarding and verification
  • Risk assessment and compliance review
  • Processing of banking and financing requests
  • Regulatory reporting obligations
  • Internal operational management

We adhere to principles of data minimization, ensuring only relevant and necessary information is requested.

4. Data Security Controls

ICBANKSG maintains structured technical and organizational safeguards, including:

  • Encrypted data transmission channels
  • Access-controlled internal systems
  • Multi-factor authentication protocols
  • Segregated data storage environments
  • Cybersecurity monitoring and threat detection
  • Controlled document management systems

Access to sensitive information is restricted to authorized personnel operating under confidentiality obligations.

5. Access Control & Confidentiality

Information access within ICBANKSG is governed by role-based authorization. Employees and authorized representatives are subject to:

  • Confidentiality agreements
  • Internal conduct policies
  • Data handling protocols
  • Periodic compliance oversight

Unauthorized access, disclosure, or misuse of data is strictly prohibited.

6. Data Retention & Record Management

ICBANKSG retains data in accordance with regulatory requirements, risk management standards, and contractual obligations.

Retention periods are determined based on legal and operational considerations. Upon expiration of retention requirements, data is securely archived or disposed of using structured destruction protocols.

7. Cross-Border Data Handling

Given the international nature of institutional banking operations, data may be processed across jurisdictions where necessary to facilitate structured financial services. ICBANKSG ensures that cross-border transfers maintain appropriate safeguards consistent with recognized international data protection standards.

8. Incident Response & Breach Management

ICBANKSG maintains internal procedures to address potential data security incidents, including:

  • Immediate containment protocols
  • Internal investigation procedures
  • Regulatory notification where required
  • Remediation and system reinforcement

Institutional resilience and rapid response are core components of our data governance model.

9. Client Responsibilities

Clients are responsible for:

  • Maintaining confidentiality of login credentials
  • Ensuring secure transmission of documentation
  • Promptly notifying ICBANKSG of suspected unauthorized access
  • Providing accurate and updated information

Failure to safeguard credentials may increase exposure to risk beyond institutional control.

10. Third-Party Service Providers

Where third-party technology or service providers are engaged, ICBANKSG ensures:

  • Contractual confidentiality obligations
  • Security compliance standards
  • Restricted data processing authority
  • Oversight and monitoring of service performance

Data is not sold or commercially distributed.

11. Policy Updates

ICBANKSG reserves the right to amend this Data Protection Policy to reflect regulatory developments, technological enhancements, or institutional restructuring. Updates become effective upon publication.

Institutional Commitment
  • Protecting client confidentiality
  • Maintaining institutional-grade cybersecurity standards
  • Ensuring disciplined information governance
  • Preserving long-term trust and operational integrity

Data protection is not merely regulatory compliance — it is an institutional obligation.

bottom of page