PRA published a consultation paper CP30/19 that sets out proposals to modernize the regulatory framework on outsourcing and third-party risk management. These proposals are set out in the draft supervisory statement on outsourcing and third-party risk management in the Appendix to CP30/19. PRA proposes to publish the final policy on these proposals in the second half of 2020, with implementation of most the proposals shortly after. This consultation closes on April 03, 2020.
The proposals pursue the following objectives:
- Complement the policy proposals in CP29/19 on operational resilience.
- Facilitate greater resilience and adoption of the cloud and other new technologies, as set out in response of BoE to the "Future of Finance" report.
- Implement the EBA guidelines on outsourcing arrangements. The draft supervisory statement clarifies how PRA expects banks to approach the EBA Outsourcing Guidelines in the context of its requirements and expectations. In addition, certain chapters in the draft supervisory statement elaborate on the expectations in the EBA Outsourcing Guidelines.
- Take into account the draft EIOPA guidelines on outsourcing to cloud service providers and EBA guidelines on information and communication technology and security risk management.
Certain proposals, which derive from the EBA Outsourcing Guidelines or (if adopted in the current form) the draft EIOPA Cloud Guidelines, would be subject to longer implementation periods, particularly those that relate to the
- Register of outsourcing arrangements (Outsourcing Register)
- Revision by banks of outsourcing arrangements entered into before September 30 2019 and revision by insurers of cloud Outsourcing arrangements entered into before July 01, 2020 (Legacy Outsourcing Arrangements), to bring them into compliance with the EBA Outsourcing Guidelines and EIOPA Cloud Guidelines, respectively.
The consultation paper is relevant to all UK banks, building societies, and PRA-designated investment firms, insurance and reinsurance firms, groups in scope of Solvency II, including the Society of Lloyd’s and managing agents, and branches of overseas banks and insurers. Some of the proposals in CP30/19 are relevant to credit unions and non-directive firms namely those in paragraph 2.3 of CP30/19; PRA rules, statutory powers, and requirements referenced in tables 2, 5, and 6; and paragraphs 5.11-5.12. In line with the principle of proportionality, PRA proposes not to apply the remaining sections of the draft supervisory statement to credit unions and non-directive firms.
Comment Due Date: April 03, 2020
Keywords: Europe, UK, Banking, Insurance, Securities, Reinsurance, CP 30/19, Cloud Service Providers, Proportionality, Operational Resilience, Third-Party Arrangements, Operational Risk, Outsourcing Arrangements, EBA, EIOPA, PRA
HKMA announced that enhancements will be made to the Special 100% Loan Guarantee of the SME Financing Guarantee Scheme (SFGS) and the application period will be extended to December 31, 2021.
EBA launched consultations on the regulatory and implementing technical standards on cooperation and information exchange between competent authorities involved in prudential supervision of investment firms.
BoE has set out a three-phased plan to transform data collection from the UK financial sector over the next decade.
BIS recently made a couple of announcements with respect to the planned and ongoing work in the area of financial technology.
ESRB updated the list of national macro-prudential measures applied by each member state in the European Economic Area.
BoE has set out results of a survey on the impact of COVID-19 events on the use of machine learning and data science.
In response to a request from the European Council and Parliament, ECB published an opinion on the proposed regulation on markets in crypto-assets.
APRA announced the updated aggregate amounts for the 2021 Committed Liquidity Facility (CLF) established between the Reserve Bank of Australia (RBA) and certain locally incorporated authorized deposit-taking institutions that are subject to the Liquidity Coverage Ratio (LCR).
ECB published supervisory Memorandums of Understanding (MoUs) with UK as well as other European and non-European authorities.
EIOPA identified business model sustainability and adequate product design as the two EU-wide strategic supervisory priorities.