FSB published a discussion paper on the regulatory and supervisory issues related to outsourcing and third-party relationships. The discussion paper presents an overview of the evolving regulatory and supervisory landscape for outsourcing and third-party risk management in FSB member jurisdictions. It briefly describes the existing regulatory and supervisory approaches and outlines the common regulatory and supervisory challenges associated with outsourcing and third-party risk management, also identifying key issues for further exploration. FSB is seeking comments, by January 08, 2021, on the questions set out in the discussion paper.
In January-March 2020, the FSB Standing Committee on Supervisory and Regulatory Cooperation (SRC) conducted a survey among member jurisdictions on the existing regulatory and supervisory landscape for outsourcing and third-party risk management, including cross-border supervisory challenges and potential financial stability issues. The discussion paper provides a high-level overview of the existing landscape based on the survey findings as well as the preliminary observations from authorities’ and financial institutions’ recent responses to the COVID-19 pandemic. The paper intends to facilitate and inform discussions among authorities, financial institutions, and third parties on how to address the issues identified in the SRC survey and the 2019 FSB report on third-party dependencies in cloud services. The discussion has highlighted the following key challenges faced by supervisory authorities:
- Practical limitations on the ability to ensure that financial institutions appropriately manage the risks in their outsourcing and third-party agreements (including risks in the third party’s wider supply chain)
- Limitations on their ability to effectively oversee supervised financial institutions’ outsourcing and third-party arrangements in a cross-border context
- Challenges in identifying, monitoring, and managing potential systemic risks related to financial institutions’ use of outsourcing and third-party arrangements, particularly, due to concentration in the provision of third-party services and lack of relevant information
The high pace of evolution of third-party relationships, including where and how financial institutions use third-party providers, can make understanding and managing these risks more complex. In the paper, FSB highlights that additional analysis may be considered to better understand the risks posed by the changing landscape of outsourcing and third-party relationships. The additional analysis may also be considered to better understand whether the existing approaches allow financial institutions to capture the benefits of outsourcing and third-party relationships while sufficiently addressing the risks that these relationships may pose to financial institutions. The discussion paper emphasizes that effective cross-border cooperation and dialog among supervisory authorities as well as the effective application of existing standards and other emerging practices are important to address these challenges and risks.
Comment Due Date: January 08, 2021
Keywords: International, Banking, Insurance, Securities, COVID-19, Third-Party Risk, Systemic Risk, Outsourcing Risk, Cloud Computing, FSB
Leading economist; commercial real estate; performance forecasting, econometric infrastructure; data modeling; credit risk modeling; portfolio assessment; custom commercial real estate analysis; thought leader.
Across 35 years in banking, Blake has gained deep insights into the inner working of this sector. Over the last two decades, Blake has been an Operating Committee member, leading teams and executing strategies in Credit and Enterprise Risk as well as Line of Business. His focus over this time has been primarily Commercial/Corporate with particular emphasis on CRE. Blake has spent most of his career with large and mid-size banks. Blake joined Moody’s Analytics in 2021 after leading the transformation of the credit approval and reporting process at a $25 billion bank.
Previous ArticleEBA Reminds Firms to Execute Contingency Plans for Brexit Transition
The European Banking Authority (EBA) published four draft principles to support supervisory efforts in assessing the representativeness of COVID-19-impacted data for banks using the internal ratings based (IRB) credit risk models.
The European Council and the European Parliament (EP) reached a provisional political agreement on the Corporate Sustainability Reporting Directive (CSRD).
The Prudential Regulation Authority (PRA) launched a consultation (CP6/22) that sets out proposal for a new Supervisory Statement on expectations for management of model risk by banks.
The European Commission (EC) published the Delegated Regulation 2022/954, which amends regulatory technical standards on specification of the calculation of specific and general credit risk adjustments.
The Bank for International Settlements (BIS) Innovation Hub updated its work program, announcing a set of projects across various centers.
The European Insurance and Occupational Pensions Authority (EIOPA) published two consultation papers—one on the supervisory statement on exclusions related to systemic events and the other on the supervisory statement on the management of non-affirmative cyber exposures.
Certain members of the U.S. Senate Committee on Banking, Housing, and Urban Affairs issued a letter to the Securities and Exchange Commission (SEC)
The European Insurance and Occupational Pensions Authority (EIOPA) published a consultation paper on the advice on the review of the securitization prudential framework in Solvency II.
The Bank for International Settlements (BIS) published bulletins on lending in decentralized finance (DeFi) system, on blockchain scalability and fragmentation of crypto, and on extractable value and market manipulation in crypto and decentralized finance.
The Prudential Regulation Authority (PRA) issued a statement on PRA buffer adjustment while the Bank of England (BoE) published a notice on the statistical reporting requirements for banks.