SARB Issues Directive on Cloud Computing and Data Offshoring by Banks
SARB issued a directive (D3/2018) and guidance notes (G5/2018) on cloud computing and the offshoring of data by banks. The directive is applicable to all banks, controlling companies, branches of foreign institutions and auditors of banks or controlling companies. The directive will be effective from October 01, 2018.
The Prudential Authority of the country expects banks to follow a risk-based approach that is aligned with their risk appetite, based on the nature and size of operations, when implementing cloud computing and offshoring the data. The directive specifies that bank must have in place a formally defined and board approved data strategy and data governance framework. Banks must ensure that their risk and control frameworks, including their application, are designed and operative effectively to manage risks associated with the use of cloud computing and/or the offshoring of data. Banks that use cloud computing and/or offshore their data must ensure that they remain compliant with applicable legislation and regulations, both locally and in the country where cloud services and/or data are hosted.
Related Links
Effective Date: October 01, 2018
Keywords: South Africa, Banking, Fintech, Cloud Computing, Data Offshoring, Data Governance, SARB
Previous Article
EIOPA on Application of Licensing and Proportionality to InsurtechRelated Articles
APRA Sets LAC for D-SIBs, Proposes to Enhance Crisis Preparedness
APRA issued a letter on the loss-absorbing capacity (LAC) requirements for domestic systemically important banks (D-SIBs) and published a discussion paper, along with the proposed the prudential standards on financial contingency planning (CPS 190) and resolution planning (CPS 900).
EC to Review Macro-Prudential Rules while ESRB Assesses Policy Stance
The European Commission (EC) launched a call for evidence, until March 18, 2022, as part of a comprehensive review of the macro-prudential rules for the banking sector under the Capital Requirements Regulation (CRR) and Directive (CRD IV).
FSB Sets Out Good Practices for Crisis Management Groups
The Financial Stability Board (FSB) published a report that sets out good practices for crisis management groups.
APRA Penalizes Heritage Bank for Incorrect Reporting of Capital
The Australian Prudential Regulation Authority (APRA) found that Heritage Bank Limited had incorrectly reported capital because of weaknesses in operational risk and compliance frameworks, although the bank did not breach minimum prudential capital ratios at any point and remains well-capitalized.
OSFI Releases Annual Report 2021-2022
The Office of the Superintendent of Financial Institutions (OSFI) released the annual report for 2020-2021.
OSFI Updates Timeline for Implementation of Certain Basel Rules
Through a letter addressed to the banking sector entities, the Office of the Superintendent of Financial Institutions (OSFI) announced deferral of the domestic implementation of the final Basel III reforms from the first to the second quarter of 2023.
EC Defers Adoption of Regulatory Standards for Disclosures Under SFDR
EIOPA recently published a letter in which EC is informing the European Parliament and Council that it could not adopt the set of draft regulatory technical standards for disclosures under the Sustainable Finance Disclosure Regulation (SFDR) within the stipulated three-month period, given their length and technical detail.
FCA Releases MIFIDPRU Application Forms and Third Set of Rules on IFPR
The Financial Conduct Authority (FCA) published the third in a series of policy statements that set out rules to introduce the UK Investment Firm Prudential Regime (IFPR), which will take effect on January 01, 2022.
APRA Finalizes Capital Adequacy Standards for Banks
The Australian Prudential Regulation Authority (APRA) published, along with a summary of its response to the consultation feedback, an information paper that summarizes the finalized capital framework that is in line with the internationally agreed Basel III requirements for banks.
CPMI-IOSCO Seek Comments on Access to Central Clearing and Portability
The Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO) issued a consultative report focusing on access to central counterparty (CCP) clearing and client-position portability.
