ITU-T Focus Group Digital Financial Services
                                                         Ecosystem



                    iii.  Data on the security of the telecommunications network and information on relevant security and
                       risk mitigation measures
                    iv.  Information on emerging business models and services related to digital financial services

               •    Requests for information should be delivered with the following considerations outlined
                    i.  Accurate description of the information needed and the corresponding purpose
                    ii.  Conditions attached to the disclosure

                    iii.  The sensitivity and confidentiality of the information
                    iv.  The recipient parties of the information, including any third parties
                    v.  The date by which the information is needed

               •    Provision of or request for information will be denied if compliance would result in an unlawful act or
                    interfere with an ongoing investigation


               3.3.8   Confidentiality
               •    Information shared or discussed will be used only for lawful purposes

               •    Information will not be shared or disclosed beyond the recipient parties identified unless first agreed
                    upon by both Authorities

               •    Information provided will remain the property of the Authority that provided such information
               •    All documents related to this MOU will include the following in the footer: ‘Confidential- provided
                    pursuant to the MoU between the <Authority 1> and <Authority 2> and <AS NEEDED: Authority 3 and
                    4> on the regulation and supervision of digital financial services.

               3.3.9   Commencement, Duration and Termination

               •    This understanding comes into effect on the date signed by the represented Authorities.
               •    This understanding shall remain in effect until one Authority notifies the other in writing of its wish to
                    revise, amend or terminate from the understanding. <X> days notice of any action will be required.
                    Revisions and amendments must be agreed upon by both Authorities
               •    An Authority may terminate its participation in this understanding by providing written notice to the
                    other Authority, assuming the termination will not  affect the obligations and rights of either Authority
                    with respect to confidential information shared over the course the MoU was active

               •    This MoU will not affect the rights and obligations of the Authorities under applicable laws and regulations

               3.3.10  Other Considerations for establishing an MOU

               When drafting an MoU, the Authorities may want to consider additional sections beyond what was outlined
               above. Those may include

               •    Dispute resolution: how to manage dispute between the two Authorities
               •    Manage inconsistencies:  what to do if there are inconsistencies between the MoU and other laws or
                    regulations
               •    Distribution of costs: how to divide costs related to actualizing this MOU including information sharing
               •    Governing law and legislation: how to ensure the recognition and intersections of law and legislation
                    including banking secrecy, protection of personal information, and confidentiality of communication
               •    Communications to the public: how to manage external communications to parties outside of this
                    understanding




                32