ESMA published a consultation paper on guidelines on outsourcing to cloud service providers. The consultation is open until September 01, 2020 and seeks feedback from both national competent authorities and financial market participants that use cloud services provided by third parties. The consultation is also important for cloud service providers, as the draft guidelines aim to ensure that potential risks firms may face from the use of cloud services are properly addressed. ESMA aims to publish the final report on the guidelines by the first quarter of 2021.
The proposed guidelines are consistent with the EBA recommendations on outsourcing to cloud service providers, which were subsequently incorporated into the revised EBA guidelines on outsourcing arrangements in February 2019, and the EIOPA guidelines on cloud outsourcing that were published in February 2020. The guidelines cover the outsourcing requirements applicable to financial market participants when they outsource to cloud service providers. They are intended to help firms and competent authorities identify, address, and monitor the risks and challenges that arise from cloud outsourcing arrangements—from making the decision to outsource, selecting a cloud service provider, and monitoring outsourced activities to providing for exit strategies. The proposed guidelines set out the:
- Governance, documentation, oversight, and monitoring mechanisms that firms should have in place
- Assessment and due diligence that should be undertaken prior to outsourcing
- Minimum elements that outsourcing and sub-outsourcing agreements should include
- Exit strategies and the access and audit rights that should to be catered for
- Notification to competent authorities
- Supervision by competent authorities
Comment Due Date: September 01, 2020
Keywords: Europe, EU, Banking, Insurance, Securities, PMI, Cloud Computing, Third Party Arrangements, Outsourcing Arrangements, ESMA
Leading economist; commercial real estate; performance forecasting, econometric infrastructure; data modeling; credit risk modeling; portfolio assessment; custom commercial real estate analysis; thought leader.
EC published Regulation 2021/25 that addresses amendments related to the financial reporting consequences of replacement of the existing interest rate benchmarks with alternative reference rates.
BIS published a bulletin, or a note, that examines the cyber threat landscape in the context of the pandemic and discusses policies to reduce risks to financial stability.
HM Treasury, also known as HMT, has updated the table containing the list of the equivalence decisions that came into effect in UK at the end of the transition period of its withdrawal from EU.
EBA published an erratum for technical package on phase 1 of the reporting framework 3.0.
APRA updated a frequently asked question (FAQ), for authorized deposit-taking institutions, on the measurement of credit risk weighted assets.
EBA published the quarterly risk dashboard, along with the results of the Risk Assessment Questionnaire survey among 60 banks and 15 market analysts.
ECB concluded the public consultation on the introduction of a digital euro in EU.
ECB published a guide that sets out the supervisory approach to consolidation in the banking sector.
The SRB Chair Elke König published an article setting out work priorities for 2021.
FDIC has selected 11 technology companies—including BearingPoint, Fed Reporter, Inc, and S&P Global Market Intelligence, LLC—for inclusion in the third and final phase of the rapid prototyping competition.