ESMA Consults on Guidelines for Cloud Outsourcing

By Regulatory News

June 03, 2020

Coronavirus

ESMA published a consultation paper on guidelines on outsourcing to cloud service providers. The consultation is open until September 01, 2020 and seeks feedback from both national competent authorities and financial market participants that use cloud services provided by third parties. The consultation is also important for cloud service providers, as the draft guidelines aim to ensure that potential risks firms may face from the use of cloud services are properly addressed. ESMA aims to publish the final report on the guidelines by the first quarter of 2021.

The proposed guidelines are consistent with the EBA recommendations on outsourcing to cloud service providers, which were subsequently incorporated into the revised EBA guidelines on outsourcing arrangements in February 2019, and the EIOPA guidelines on cloud outsourcing that were published in February 2020. The guidelines cover the outsourcing requirements applicable to financial market participants when they outsource to cloud service providers. They are intended to help firms and competent authorities identify, address, and monitor the risks and challenges that arise from cloud outsourcing arrangements—from making the decision to outsource, selecting a cloud service provider, and monitoring outsourced activities to providing for exit strategies. The proposed guidelines set out the:

Governance, documentation, oversight, and monitoring mechanisms that firms should have in place
Assessment and due diligence that should be undertaken prior to outsourcing
Minimum elements that outsourcing and sub-outsourcing agreements should include
Exit strategies and the access and audit rights that should to be catered for
Notification to competent authorities
Supervision by competent authorities

Related Links

Comment Due Date: September 01, 2020

Keywords: Europe, EU, Banking, Insurance, Securities, PMI, Cloud Computing, Third Party Arrangements, Outsourcing Arrangements, ESMA

Featured Experts

Victor Calanog, Ph.D.

Leading economist; commercial real estate; performance forecasting, econometric infrastructure; data modeling; credit risk modeling; portfolio assessment; custom commercial real estate analysis; thought leader.

Bank of Italy on AnaCredit Reporting of Loan Guarantees and Moratoria

Bank of Italy Updates Circular on SHS Reporting by Banks

News

APRA Sets LAC for D-SIBs, Proposes to Enhance Crisis Preparedness

APRA issued a letter on the loss-absorbing capacity (LAC) requirements for domestic systemically important banks (D-SIBs) and published a discussion paper, along with the proposed the prudential standards on financial contingency planning (CPS 190) and resolution planning (CPS 900).

December 02, 2021 WebPage Regulatory News

News

EC to Review Macro-Prudential Rules while ESRB Assesses Policy Stance

The European Commission (EC) launched a call for evidence, until March 18, 2022, as part of a comprehensive review of the macro-prudential rules for the banking sector under the Capital Requirements Regulation (CRR) and Directive (CRD IV).

December 01, 2021 WebPage Regulatory News

News

FSB Sets Out Good Practices for Crisis Management Groups

The Financial Stability Board (FSB) published a report that sets out good practices for crisis management groups.

November 30, 2021 WebPage Regulatory News

News

APRA Penalizes Heritage Bank for Incorrect Reporting of Capital

The Australian Prudential Regulation Authority (APRA) found that Heritage Bank Limited had incorrectly reported capital because of weaknesses in operational risk and compliance frameworks, although the bank did not breach minimum prudential capital ratios at any point and remains well-capitalized.