Featured Product

    BoM Consults on Guideline on Use of Cloud Services

    August 26, 2021

    The Bank of Mauritius (BoM) is proposed guidelines on the private banking business and on the general principles for use of cloud services. The proposed cloud services guideline lays down the minimum requirements that shall be applicable to the use of cloud services provided by third parties for material services; where specified in the guideline, these minimum requirements shall also apply to services that involve customer information. The draft guideline applies to all cloud-based arrangements entered by any financial institution licensed by BoM under the Banking Act 2004. The consultation is open until September 08, 2021.

    The draft guideline on the use of cloud services provides the necessary guidance to financial institutions engaging in the use of cloud services such that the risks are appropriately identified and managed. The draft guideline on use of cloud services highlights that financial institutions are expected to follow a risk-based approach in respect of cloud services. The level of governance to be applied, the information security requirements, the types of controls to be deployed, and the level of the initial and ongoing due diligence and assurance to be performed shall be commensurate with the criticality of the services. Financial institutions will also be comply to the guideline on outsourcing by financial institutions in the event an outsourced activity avails of the use of cloud services. According to the draft guideline, financial institutions shall submit to BoM a return on use of cloud-based services/activities, containing a list of all material and non-material cloud-based services/activities in the form and manner prescribed by BoM on an annual basis. The annual return should be submitted within the next twenty working days of the previous calendar year. In the event of any change, the amended return shall be submitted within a week following the change. Financial institutions shall report promptly to BoM any incident including unauthorized access or breach of confidentiality and security, directly or indirectly, by a cloud service provider and the action/s it is proposed to take in consequence. A transitional period of six months shall be granted to all financial institutions to ensure compliance with the requirements of the guideline.

    In addition, BoM launched a public consultation on another draft guideline, which sets out the regulatory and supervisory framework applicable to banks conducting private banking business. This guideline specifies additional requirements to, or exemptions from, the rules applicable to conventional banking. It sets out the terms under which BoM is prepared to consider exemptions from the Banking Act 2004 under section 7(7D) of the Banking Act. This guideline applies to banks which are licensed under the Banking Act 2004 and which engage in private banking business. Section II of this guideline on exemptions applicable to banks licensed to carry on exclusively private banking business shall apply only to banks licensed under section 7(5) of the Banking Act 2004 to carry on exclusively private banking business. The other sections of the guideline apply to banks carrying on exclusively private banking business as well as banks offering private banking services as part of their conventional banking services. This guideline supersedes the guidelines for banks licensed to carry on private banking business introduced in February 2017. The consultation is open until September 15, 2021.

     

    Related Links

    Comment Due Date: September 08, 2021 (Cloud Guideline)/September 15, 2021 (Private Banking Business Guideline)

    Keywords: Middle East and Africa, Mauritius, Banking, Cloud Service Providers, Cloud Computing, Governance, Private Banking, Banking Act, Reporting, Regtech, BOM

    Featured Experts
    Related Articles
    News

    EBA Clarifies Use of COVID-19-Impacted Data for IRB Credit Risk Models

    The European Banking Authority (EBA) published four draft principles to support supervisory efforts in assessing the representativeness of COVID-19-impacted data for banks using the internal ratings based (IRB) credit risk models.

    June 21, 2022 WebPage Regulatory News
    News

    EP Reaches Agreement on Corporate Sustainability Reporting Directive

    The European Council and the European Parliament (EP) reached a provisional political agreement on the Corporate Sustainability Reporting Directive (CSRD).

    June 21, 2022 WebPage Regulatory News
    News

    PRA Consults on Model Risk Management Principles for Banks

    The Prudential Regulation Authority (PRA) launched a consultation (CP6/22) that sets out proposal for a new Supervisory Statement on expectations for management of model risk by banks.

    June 21, 2022 WebPage Regulatory News
    News

    EC Regulation Amends Standards for Calculating Credit Risk Adjustments

    The European Commission (EC) published the Delegated Regulation 2022/954, which amends regulatory technical standards on specification of the calculation of specific and general credit risk adjustments.

    June 21, 2022 WebPage Regulatory News
    News

    BIS Hub Updates Work Program for 2022, Announces New Projects

    The Bank for International Settlements (BIS) Innovation Hub updated its work program, announcing a set of projects across various centers.

    June 17, 2022 WebPage Regulatory News
    News

    EIOPA Issues Cyber Underwriting Proposal, Statement on Open Insurance

    The European Insurance and Occupational Pensions Authority (EIOPA) published two consultation papers—one on the supervisory statement on exclusions related to systemic events and the other on the supervisory statement on the management of non-affirmative cyber exposures.

    June 17, 2022 WebPage Regulatory News
    News

    US Senate Members Seek Details on SEC Proposed Climate Disclosure Rule

    Certain members of the U.S. Senate Committee on Banking, Housing, and Urban Affairs issued a letter to the Securities and Exchange Commission (SEC)

    June 16, 2022 WebPage Regulatory News
    News

    EIOPA Consults on Review of Securitization Framework in Solvency II

    The European Insurance and Occupational Pensions Authority (EIOPA) published a consultation paper on the advice on the review of the securitization prudential framework in Solvency II.

    June 16, 2022 WebPage Regulatory News
    News

    UK Authorities Issue Regulatory and Reporting Updates for Banks

    The Prudential Regulation Authority (PRA) issued a statement on PRA buffer adjustment while the Bank of England (BoE) published a notice on the statistical reporting requirements for banks.

    June 15, 2022 WebPage Regulatory News
    News

    BCBS Issues Climate Risk Principles while HKMA Expresses Its Support

    The Basel Committee on Banking Supervision (BCBS) issued principles for the effective management and supervision of climate-related financial risks.

    June 15, 2022 WebPage Regulatory News
    RESULTS 1 - 10 OF 8280