PRA published a consultation paper CP30/19 that sets out proposals to modernize the regulatory framework on outsourcing and third-party risk management. These proposals are set out in the draft supervisory statement on outsourcing and third-party risk management in the Appendix to CP30/19. PRA proposes to publish the final policy on these proposals in the second half of 2020, with implementation of most the proposals shortly after. This consultation closes on April 03, 2020.
The proposals pursue the following objectives:
- Complement the policy proposals in CP29/19 on operational resilience.
- Facilitate greater resilience and adoption of the cloud and other new technologies, as set out in response of BoE to the "Future of Finance" report.
- Implement the EBA guidelines on outsourcing arrangements. The draft supervisory statement clarifies how PRA expects banks to approach the EBA Outsourcing Guidelines in the context of its requirements and expectations. In addition, certain chapters in the draft supervisory statement elaborate on the expectations in the EBA Outsourcing Guidelines.
- Take into account the draft EIOPA guidelines on outsourcing to cloud service providers and EBA guidelines on information and communication technology and security risk management.
Certain proposals, which derive from the EBA Outsourcing Guidelines or (if adopted in the current form) the draft EIOPA Cloud Guidelines, would be subject to longer implementation periods, particularly those that relate to the
- Register of outsourcing arrangements (Outsourcing Register)
- Revision by banks of outsourcing arrangements entered into before September 30 2019 and revision by insurers of cloud Outsourcing arrangements entered into before July 01, 2020 (Legacy Outsourcing Arrangements), to bring them into compliance with the EBA Outsourcing Guidelines and EIOPA Cloud Guidelines, respectively.
The consultation paper is relevant to all UK banks, building societies, and PRA-designated investment firms, insurance and reinsurance firms, groups in scope of Solvency II, including the Society of Lloyd’s and managing agents, and branches of overseas banks and insurers. Some of the proposals in CP30/19 are relevant to credit unions and non-directive firms namely those in paragraph 2.3 of CP30/19; PRA rules, statutory powers, and requirements referenced in tables 2, 5, and 6; and paragraphs 5.11-5.12. In line with the principle of proportionality, PRA proposes not to apply the remaining sections of the draft supervisory statement to credit unions and non-directive firms.
Comment Due Date: April 03, 2020
Keywords: Europe, UK, Banking, Insurance, Securities, Reinsurance, CP 30/19, Cloud Service Providers, Proportionality, Operational Resilience, Third-Party Arrangements, Operational Risk, Outsourcing Arrangements, EBA, EIOPA, PRA
ECB published a decision allowing the euro area banks under its direct supervision to exclude certain central bank exposures from the leverage ratio.
ESAs launched a survey seeking feedback on the presentational aspects of product templates under the Sustainable Finance Disclosure Regulation (SFDR or Regulation 2019/2088).
ECB published input of the European System of Central Banks (ESCB) into the EBA feasibility report on reducing the reporting burden for banks in EU.
ECB finalized the guide on assessment methodology for the internal model method for calculating exposure to counterparty credit risk (CCR) and the advanced method for own funds requirements for credit valuation adjustment (A-CVA) risk.
EBA published an Opinion addressed to EC to raise awareness about the opportunity to clarify certain issues related to the definition of credit institution in the upcoming review of the Capital Requirements Directive and Regulation (CRD and CRR).
APRA is consulting on updates to ARS 210.0, the reporting standard that sets out requirements for provision of information on liquidity and funding of an authorized deposit-taking institution.
FED released hypothetical scenarios for a second round of stress tests for banks.
FED is proposing to temporarily revise the capital assessments and stress testing reports (FR Y-14A/Q/M) to implement the changes necessary to conduct stressed analysis in connection with the re-submission of capital plans, using data as of June 30, 2020.
FED adopted a proposal to extend for three years, with revision, the information collection under the market risk capital rule (FR 4201; OMB No. 7100-0314).
EBA published a voluntary online survey seeking input from credit institutions on their practices and future plans for Pillar 3 disclosures on the environmental, social, and governance (ESG) risks.