Featured Product

    Central Bank of Ireland Proposes Guidance on Management of Outsourcing

    February 25, 2021

    Central Bank of Ireland proposed the cross-industry guidance on management of outsourcing risks. The guidance is intended to assist regulated firms in developing their outsourcing risk management frameworks to effectively, identify, monitor, and manage the outsourcing risks. The guidance reminds regulated firms about their statutory obligations on compliance with the existing and future legislation, regulations and about the guidelines relevant to their sector, in respect of the management of outsourcing risk. The consultation period ends on July 26, 2021, post which the Central Bank plans to publish the final guidance in 2021.

    The guidance reaffirms the adoption of the EBA guidelines on outsourcing arrangements and the EIOPA and ESMA guidelines for outsourcing to cloud service providers, for regulated firms that are within the scope of those guidelines.  The central bank deems this guidance relevant to any regulated firm that utilizes outsourcing as part of its business model. The guidance applies equally to intragroup outsourcing arrangements as it does to arrangements with third-party outsourced service providers. Instead of superseding the existing sectoral legislation, regulations, and guidance on outsourcing, the proposed guidance supports and complements these supervisory tools by setting out aspects of good practice for the effective management of outsourcing risk in all its forms. The proposed guidance:

    • Sets out expectations on the governance and management of outsourcing risk, along with the details of the relevant responsibilities of boards and senior management; it also outlines the expectation for regulated firms to consider their strategy and risk appetite in relation to outsourcing and details the elements that should be incorporated in the outsourcing policy of a regulated firm.
    • Highlights the importance of a comprehensive assessment of outsourcing risks and details factors to be considered when assessing and designing controls to manage and/or mitigate a number of key outsourcing risks.
    • Outlines expectations on the management of outsourcing risks in the area of Information and Communications Technology (ICT), including risks arising when outsourcing to the cloud, in addition to presenting the broader measures to be adopted for all critical outsourcing arrangements.
    • Conveys the expectation that regulated firms should undertake appropriate due diligence of outsourced service providers before entering into an outsourcing arrangement and at appropriate intervals during the lifecycle of the arrangement.
    • Emphasizes the importance of regular, comprehensive monitoring of the delivery of the service or function that has been outsourced and the appropriateness of the framework governing and supporting the arrangements.
    • Presents factors that regulated firms should consider when determining whether an outsourced function should be deemed critical or important
    • Specifies the requirements for regulated firms to establish and maintain a register (database) of all outsourcing arrangements and the information (data elements) that such registers should contain; this includes proposal to establish an online regulatory return of the outsourcing registers for submission by regulated firms on a cyclical basis, commencing in January 2022.

     

    Related Links

    Comment Due Date: July 26, 2021

    Keywords: Europe, Ireland, Banking, Insurance, Securities, Outsourcing Risk, Governance, Outsourcing Arrangements, Cloud Service Providers, ESAs, Central Bank of Ireland

    Related Articles
    News

    EC to Defer Application of SFDR Standards Till July 2022

    The European Commission (EC) announced plans to defer the application of 13 regulatory technical standards under the Sustainable Finance Disclosure Regulation (2019/2088) by six months, from January 01, 2022 to July 01, 2022.

    July 23, 2021 WebPage Regulatory News
    News

    BoE Consults on Approach to Setting MREL, Publishes Bail-In Guidance

    The Bank of England (BoE) published a consultation paper on approach to setting minimum requirement for own funds and eligible liabilities (MREL), an operational guide on executing bail-in, and a statement from the Deputy Governor Dave Ramsden.

    July 22, 2021 WebPage Regulatory News
    News

    EBA Seeks Views on Proportionality Assessment Methodology

    The European Banking Authority (EBA) is seeking preliminary input on standardization of the proportionality assessment methodology for credit institutions and investment firms.

    July 22, 2021 WebPage Regulatory News
    News

    US Agencies Propose Changes to Call Reports and Instructions

    Certain regulatory authorities in the US are extending period for completion of the review of certain residential mortgage provisions and for publication of notice disclosing the determination of this review until December 20, 2021.

    July 22, 2021 WebPage Regulatory News
    News

    PRA Finalizes Rulebook Definition of Higher Paid Material Risk-Taker

    The Prudential Regulation Authority (PRA) published the policy statement PS18/21, which introduces an amendment in the definition of "higher paid material risk taker" in the Remuneration Part of the PRA Rulebook.

    July 21, 2021 WebPage Regulatory News
    News

    EBA Examines Asset Encumbrance in Banking Sector

    The European Banking Authority (EBA) published its annual report on asset encumbrance in banking sector.

    July 21, 2021 WebPage Regulatory News
    News

    EBA Publishes Methodological Guide to Mystery Shopping

    The European Banking Authority (EBA) published a methodological guide to mystery shopping.

    July 21, 2021 WebPage Regulatory News
    News

    APRA Issues Update on Capital Reform Policy Settings for Banks

    The Australian Prudential Regulation Authority (APRA) released a letter to authorized deposit-taking institutions to provide an update on key policy settings for the capital framework reforms, which will come into effect from January 01, 2023.

    July 21, 2021 WebPage Regulatory News
    News

    CPMI-IOSCO Assess Continuity Planning of Market Infrastructures

    The Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO) published a report that assesses the business continuity planning activities of financial market infrastructures or FMIs.

    July 21, 2021 WebPage Regulatory News
    News

    ESMA Responds to Proposal Related to Sustainability Standards Board

    The European Securities and Markets Authority (ESMA) has responded to the IFRS consultation on targeted amendments to the IFRS Foundation constitution to accommodate an International Sustainability Standards Board (ISSB) to set IFRS Sustainability Standards.

    July 21, 2021 WebPage Regulatory News
    RESULTS 1 - 10 OF 7283