BOM Proposes Guidelines on Use of Cloud Services and Private Banking
The Bank of Mauritius (BoM) is consulting on revisions to the guideline for banks licensed to carry on private banking business, with the consultation period ending on September 15, 2021. The guideline sets out the regulatory and supervisory framework applicable to banks conducting private banking business. Private banking business is defined in the Banking Act 2004 as “the business of offering banking and financial services and products to high-net-worth customers including, but not limited to, an all-inclusive money-management relationship.” BoM also published a draft guideline on the use of cloud services by financial institutions, with the consultation period ending on September 08, 2021.
The guideline on the use of cloud services lays down the minimum requirements that shall be applicable to the use of cloud services provided by third parties for material services. Where specified in the guideline, these minimum requirements shall also apply to services that involve customer information. Financial institutions are expected to follow a risk-based approach in respect of cloud services. The level of governance to be applied, the information security requirements, the types of controls to be deployed, and the level of the initial and ongoing due diligence and assurance to be performed shall be commensurate with the criticality of the services. The guideline stipulates that financial institutions that use or intend to use cloud services shall have a board-approved
cloud strategy. Post finalization, a transitional period of six months shall be granted to all financial institutions to ensure compliance with the requirements of the guideline. In addition to this guideline, the financial institutions should also comply with the Guideline on Outsourcing by Financial Institutions in the event an outsourced activity avails of the use of cloud services.
Related Links
Comment Due Date: September 15, 2021(Private Banking)/September 08, 2021 (Cloud Services)
Keywords: Middle East and Africa, Mauritius, Banking, Cloud Services, Private Banking, Regtech, Cloud Computing Arrangement, Outsourcing Arrangements, SAAS, PAAS, BOM
Previous Article
SBV Proposes to Develop Law on Bad Debt ResolutionRelated Articles
EU Agencies Update LCR Rule and Macro-Prudential Policy Recommendation
The European Commission (EC) published the Delegated Regulation 2022/786 with regard to the liquidity coverage requirements for credit institutions under the Capital Requirements Regulation (CRR).
EBA Publishes Regulatory Standards to Identify Shadow Banking Entities
The European Banking Authority (EBA) published the final draft regulatory technical standards specifying the criteria to identify shadow banking entities for the purposes of reporting large exposures.
EIOPA Examines Physical Climate Risk Exposure, SII Non-Compliance
The European Insurance and Occupational Pensions Authority (EIOPA) published a report assessing insurers' exposure to physical climate change risks
EC Publishes Results on Review of Web Accessibility Directive
The European Commission (EC) published the results of a public consultation, held in October 2021, on the review of the Web Accessibility Directive.
NGFS Report Explores Quantification of Climate Risk Differentials
The Network for Greening the Financial System (NGFS) published two reports to aid central banks and regulators in their oversight of the financial sector and in their central bank operations
MAS Consults on Adjustment Spreads for Conversion of SOR Contracts
The Monetary Authority of Singapore (MAS) and the SC-STS are jointly consulting, until June 10, 2022, on setting adjustment spreads for the conversion of legacy SOR contracts to SORA reference rate.
OSFI Discusses Benchmark Rate Transition, Sets Out Work Priorities
The Office of the Superintendent of Financial Institutions (OSFI) published the strategic plan for 2022-2025 and the departmental plan for 2022-23.
EBA Proposes Standards to Support Secondary NPL Markets
The European Banking Authority (EBA) is consulting, until August 31, 2022, on the draft implementing technical standards specifying requirements for the information that sellers of non-performing loans (NPLs) shall provide to prospective buyers.
EU Confirms Agreement on Rules on Cybersecurity and Banking Resolution
The European Council and the Parliament reached an agreement on the revised Directive on security of network and information systems (NIS2 Directive).
EBA Issues Standards for Crowdfunding Service Providers Under ECSPR
The European Banking Authority (EBA) published the final draft regulatory technical standards specifying information that crowdfunding service providers shall provide to investors on the calculation of credit scores and prices of crowdfunding offers.
