BaFin published guidance on outsourcing to cloud service providers. This guidance, which represents a joint assessment by BaFin and the Deutsche Bundesbank, is addressed to credit institutions, financial services institutions, insurance undertakings, pension funds, investment services enterprises, capital management companies, payment institutions, and e-money institutions. The guidance does not establish any new requirements but instead reflects the current supervisory practice in outsourcing cases.
The guidance pursues the objective of creating, for the supervised entities, an awareness of the issues involved in dealing with cloud services and the related requirements of supervisory law. It draws attention to various aspects that the supervised entities should take into account when outsourcing to cloud service providers, for example, in the context of risk analysis and contractual terms. Over the past months, BaFin and Bundesbank have been in discussions with cloud service providers as well as with the supervised entities about plans for outsourcing to cloud service providers. Furthermore, at the EIOPA and the EBA levels, within the Single Supervisory Mechanism, as well as bilaterally between the national supervisory authorities, a constant exchange about how to deal with outsourcing to cloud service providers has emerged.
Keywords: Europe, Germany, Banking, Insurance, Securities, Cloud Outsourcing, Guidance, Cloud Computing, Operational Risk, Bundesbank, BaFin
Previous ArticleIASB Publishes Work Plan and Meeting Updates for June 2019
APRA announced the standardization of quarterly reporting due dates for authorized deposit-taking institutions.
EBA published the phase 1 of its reporting framework 3.1, with the technical package covering the new reporting requirements for investment firms (under the implementing technical standards on investment firms reporting).
HM Treasury notified that, after considering all responses, the government intends to bring forward further legislation, when the Parliamentary time allows, to address issues identified in the consultation on supporting the wind-down of critical benchmarks.
EIOPA launched the 2021 stress test for the insurance sector in EU.
UK authorities jointly published the third edition of Regulatory Initiatives Grid setting out the planned regulatory initiatives for the next 24 months.
EC is requesting feedback on the proposed Commission Delegated Regulation on the content, methodology, and presentation of information that large financial and non-financial undertakings should disclose about their environmentally sustainable economic activities under the Taxonomy Regulation.
OSFI has set out the near-term priorities for federally regulated financial institutions and federally regulated private pension plans for the coming months until March 31, 2022.
Under the Italian G20 Presidency, BIS Innovation Hub and the Italian central bank BDI launched the second edition of the G20 TechSprint on the lookout for innovative solutions to resolve operational problems in green and sustainable finance.
ACPR published Version 1.0.0 of the RUBA taxonomy, which will come into force from the decree of January 31, 2022.
EBA proposed the regulatory technical standards on a central database on anti-money laundering and countering the financing of terrorism (AML/CFT) in EU.