ESMA published a consultation paper on guidelines on outsourcing to cloud service providers. The consultation is open until September 01, 2020 and seeks feedback from both national competent authorities and financial market participants that use cloud services provided by third parties. The consultation is also important for cloud service providers, as the draft guidelines aim to ensure that potential risks firms may face from the use of cloud services are properly addressed. ESMA aims to publish the final report on the guidelines by the first quarter of 2021.
The proposed guidelines are consistent with the EBA recommendations on outsourcing to cloud service providers, which were subsequently incorporated into the revised EBA guidelines on outsourcing arrangements in February 2019, and the EIOPA guidelines on cloud outsourcing that were published in February 2020. The guidelines cover the outsourcing requirements applicable to financial market participants when they outsource to cloud service providers. They are intended to help firms and competent authorities identify, address, and monitor the risks and challenges that arise from cloud outsourcing arrangements—from making the decision to outsource, selecting a cloud service provider, and monitoring outsourced activities to providing for exit strategies. The proposed guidelines set out the:
- Governance, documentation, oversight, and monitoring mechanisms that firms should have in place
- Assessment and due diligence that should be undertaken prior to outsourcing
- Minimum elements that outsourcing and sub-outsourcing agreements should include
- Exit strategies and the access and audit rights that should to be catered for
- Notification to competent authorities
- Supervision by competent authorities
Comment Due Date: September 01, 2020
Keywords: Europe, EU, Banking, Insurance, Securities, PMI, Cloud Computing, Third Party Arrangements, Outsourcing Arrangements, ESMA
Leading economist; commercial real estate; performance forecasting, econometric infrastructure; data modeling; credit risk modeling; portfolio assessment; custom commercial real estate analysis; thought leader.
FSB published the annual report that examines to-date progress toward implementation of climate-related disclosure recommendations of the industry-led Task Force on Climate-related Financial Disclosures (TCFD).
PRA launched a consultation (CP18/20) setting out proposals for the "Contractual Recognition of Bail-in" and "Stay in Resolution" Rules.
APRA is consulting on the reporting standard for credit risk management (ARS 220.0).
EC published draft of a delegated regulation amending liquidity coverage rules for covered bond issuers.
ESMA published an update to its March 2019 statement on the endorsement of credit ratings from UK.
FASB is consulting on the XBRL US Data Quality Committee (DQC) Rules Taxonomy (DQCRT) along with two technical guides.
PRA published Version 2 of the questions and answers (Q&A) on the Branch Return form.
FCA and PRA in the UK, FED in the US, and the authorities in Singapore have fined Goldman Sachs for risk management failures in connection with the 1Malaysia Development Berhad (1MDB).
ISDA launched the IBOR Fallbacks Supplement and the IBOR Fallbacks Protocol, with both becoming effective on January 25, 2021.
BCBS announced that OSFI and the Bank of Canada hosted the 21st International Conference of Banking Supervisors (ICBS) virtually on October 19-22, 2020.