SARB Issues Directive on Cloud Computing and Data Offshoring by Banks
SARB issued a directive (D3/2018) and guidance notes (G5/2018) on cloud computing and the offshoring of data by banks. The directive is applicable to all banks, controlling companies, branches of foreign institutions and auditors of banks or controlling companies. The directive will be effective from October 01, 2018.
The Prudential Authority of the country expects banks to follow a risk-based approach that is aligned with their risk appetite, based on the nature and size of operations, when implementing cloud computing and offshoring the data. The directive specifies that bank must have in place a formally defined and board approved data strategy and data governance framework. Banks must ensure that their risk and control frameworks, including their application, are designed and operative effectively to manage risks associated with the use of cloud computing and/or the offshoring of data. Banks that use cloud computing and/or offshore their data must ensure that they remain compliant with applicable legislation and regulations, both locally and in the country where cloud services and/or data are hosted.
Related Links
Effective Date: October 01, 2018
Keywords: South Africa, Banking, Fintech, Cloud Computing, Data Offshoring, Data Governance, SARB
Previous Article
OCC Proposes to Renew Information Collection on Stress Test RuleRelated Articles
BIS Innovation Hub Sets Out Work Program for 2021
BIS Innovation Hub published the work program for 2021, with focus on suptech and regtech, next-generation financial market infrastructure, central bank digital currencies, open finance, green finance, and cyber security.
EC Plans to Consult on Crisis Management and EDIS Framework Revisions
In an article published by SRB, Mairead McGuinness, the European Commissioner for Financial Services, Financial Stability, and Capital Markets Union, discussed the progress and next steps toward completion of the Banking Union.
EBA Finalizes Remuneration Standards for Investment Firms in EU
EBA finalized the two sets of draft regulatory technical standards on the identification of material risk-takers and on the classes of instruments used for remuneration under the Investment Firms Directive (IFD).
ECA Recommends Actions to Enhance Resolution Planning for Banks
EC published, in the Official Journal of the European Union, a notification that the European Court of Auditors (ECA) has published a special report on resolution planning in the Single Resolution Mechanism.
BoE Publishes Key Elements of the 2021 Stress Testing for Banks in UK
BoE published a scenario against which it will be stress testing banks in 2021, in addition to setting out the key elements of the 2021 stress test, guidance on the 2021 stress test, and the variable paths for the 2021 stress test.
PRA Proposes Rules on Identity Verification of Depositor Protection
PRA published a consultation paper (CP3/21) proposes rules regarding the timing of identity verification required for eligibility of depositor protection under the Financial Services Compensation Scheme (FSCS).
FSB Publishes Work Program for 2021
FSB published the work program for 2021, which reflects a strategic shift in priorities in the COVID-19 environment.
FCA Issues Update on Move to New Data Collection Platform
FCA announced that 50% firms have started using the new data collection platform RegData, which is slated to replace the existing platform known Gabriel.
Bundesbank Publishes Derivation Rules for Reporting by Banks
Bundesbank published Version 5.0 of the derivation rules for completeness check at the form level, with respect to the data quality of the European harmonized reporting system.
FED Revises Capital Planning and Stress Testing Requirements for Banks
FED finalized a rule that updates capital planning requirements to reflect the new framework from 2019 that sorts large banks into categories, with requirements that are tailored to the risks of each category.
