ESMA Consults on Guidelines for Cloud Outsourcing
ESMA published a consultation paper on guidelines on outsourcing to cloud service providers. The consultation is open until September 01, 2020 and seeks feedback from both national competent authorities and financial market participants that use cloud services provided by third parties. The consultation is also important for cloud service providers, as the draft guidelines aim to ensure that potential risks firms may face from the use of cloud services are properly addressed. ESMA aims to publish the final report on the guidelines by the first quarter of 2021.
The proposed guidelines are consistent with the EBA recommendations on outsourcing to cloud service providers, which were subsequently incorporated into the revised EBA guidelines on outsourcing arrangements in February 2019, and the EIOPA guidelines on cloud outsourcing that were published in February 2020. The guidelines cover the outsourcing requirements applicable to financial market participants when they outsource to cloud service providers. They are intended to help firms and competent authorities identify, address, and monitor the risks and challenges that arise from cloud outsourcing arrangements—from making the decision to outsource, selecting a cloud service provider, and monitoring outsourced activities to providing for exit strategies. The proposed guidelines set out the:
- Governance, documentation, oversight, and monitoring mechanisms that firms should have in place
- Assessment and due diligence that should be undertaken prior to outsourcing
- Minimum elements that outsourcing and sub-outsourcing agreements should include
- Exit strategies and the access and audit rights that should to be catered for
- Notification to competent authorities
- Supervision by competent authorities
Related Links
Comment Due Date: September 01, 2020
Keywords: Europe, EU, Banking, Insurance, Securities, PMI, Cloud Computing, Third Party Arrangements, Outsourcing Arrangements, ESMA
Related Articles
HKMA Announces Repayment Deferment Under Payment Holiday Scheme
HKMA, together with the Banking Sector Small and Medium-Size Enterprise (SME) Lending Coordination Mechanism, announced a ninety-day repayment deferment for trade facilities under the Pre-approved Principal Payment Holiday Scheme.
ESRB Paper Presents Alternative Approach to EBA Stress Test Proposal
The Advisory Scientific Committee of ESRB published a response, in the form of an Insights Paper, to the EBA proposals for reforms to the stress testing framework in EU.
MAS Announces Key Initiatives to Support Adoption of SORA
MAS announced several initiatives to support adoption of the Singapore Overnight Rate Average (SORA), which is administered by MAS.
BoE Updates Template and Definitions for Form ER
BoE updated the reporting template for Form ER as well as the Form ER definitions, which contain guidance on the methodology to be used in calculating annualized interest rates.
PRA to Extend Temporary High Balance Coverage Amid COVID Crisis
PRA published the policy statement PS19/20 on the final policy for extending coverage under the Financial Services Compensation Scheme (FSCS) for Temporary High Balance.
EBA Publishes Standards on Disclosure and Reporting of MREL and TLAC
EBA published the final draft implementing technical standards for disclosures and reporting on the minimum requirements for own funds and eligible liabilities (MREL) and the total loss-absorbing capacity (TLAC) requirements in EU.
EBA Releases Erratum for Phase 2 Package on Reporting Framework 2.10
EBA published an erratum for the phase 2 of technical package on the reporting framework 2.10.
EC Sets Out Updated Technical Information for Solvency II Calculations
EC published the Implementing Regulation 2020/1145, which lays down technical information for calculation of technical provisions and basic own funds.
US Agencies Issue Statement on Additional COVID-19 Loan Accommodations
FFIEC, on behalf of its members that include US Agencies such as CFPB, FDIC, FED, NCUA, and OCC, issued a joint statement that sets out prudent risk management and consumer protection principles for financial institutions to consider while working with borrowers.
PRA Consults on Implementation of Certain Provisions of CRD5
PRA, via the consultation paper CP12/20, proposed changes to its rules, supervisory statements, and statements of policy to implement certain elements of the Capital Requirements Directive (CRD5).
