SARB issued a directive (D3/2018) and guidance notes (G5/2018) on cloud computing and the offshoring of data by banks. The directive is applicable to all banks, controlling companies, branches of foreign institutions and auditors of banks or controlling companies. The directive will be effective from October 01, 2018.
The Prudential Authority of the country expects banks to follow a risk-based approach that is aligned with their risk appetite, based on the nature and size of operations, when implementing cloud computing and offshoring the data. The directive specifies that bank must have in place a formally defined and board approved data strategy and data governance framework. Banks must ensure that their risk and control frameworks, including their application, are designed and operative effectively to manage risks associated with the use of cloud computing and/or the offshoring of data. Banks that use cloud computing and/or offshore their data must ensure that they remain compliant with applicable legislation and regulations, both locally and in the country where cloud services and/or data are hosted.
Effective Date: October 01, 2018
Keywords: South Africa, Banking, Fintech, Cloud Computing, Data Offshoring, Data Governance, SARB
Previous ArticleBDF Publishes Supporting Documents for AnaCredit Reporting
EBA finalized the guidelines on treatment of structural foreign-exchange (FX) positions under Article 352(2) of the Capital Requirements Regulation (CRR).
FSB published a statement on the impact of COVID-19 pandemic on global benchmark transition.
IAIS published technical specifications, questionnaires, and templates for 2020 Insurance Capital Standard (ICS) and Aggregation Method data collections.
BIS announced that it will establish new Innovation Hub centers across Europe and in North America in cooperation with member central banks.
FED updated the reporting form for FR 2052a, which is used to monitor the overall liquidity profile of certain supervised institutions.
PRA published a statement that sets out its views on certain amendments made to Capital Requirements Regulations (CRR and CRR2) via EU Regulation 2020/873 (CRR "Quick Fix"), including some guidance for firms.
PRA is proposing (CP5/20) an approach for publication of Solvency II technical information after the end of the transition period for Brexit.
FASB announced that SEC has upgraded the Electronic Data Gathering, Analysis, and Retrieval (EDGAR) system to Release 20.2.
The Climate Financial Risk Forum (CFRF), which is a joint climate risk forum of FCA and PRA, published a guide written by the industry for the industry to help firms approach and address climate-related financial risks.
IAIS published an application paper on liquidity risk management for insurers.