Featured Product

    FSB Examines Financial Stability Aspects of Bigtech and Cloud Services

    December 09, 2019

    FSB published two reports that consider the financial stability implications from the offering of financial services by bigtech firms and the adoption of cloud computing and data services across a range of functions at financial institutions. The report on bigtech in finance highlights that range of issues arise for policymakers, including with respect to additional financial regulation and oversight. The report on third-party dependencies in cloud services concludes that there do not appear to be immediate financial stability risks stemming from the use of cloud services by financial institutions. However, further discussion among authorities to assess the adequacy of regulatory standards and supervisory practices for outsourcing arrangements may be beneficial.

    Key highlights of report on bigtech in finance

    The report considers the financial stability implications of bigtech firms as they expand into offering financial services. Their entry into finance has numerous benefits, including the potential for greater innovation, diversification, and efficiency in the provision of financial services. They can also contribute to financial inclusion, particularly in emerging markets and developing economies, and may facilitate access to financial markets for small and medium-size enterprises. However, bigtech firms may also pose risks to financial stability. Some risks are similar to those from financial firms more broadly, stemming from leverage, maturity transformation and liquidity mismatches, and operational risks.

    A range of issues arise for policymakers, including with respect to additional financial regulation and oversight. Regulators and supervisors need to be mindful of the resilience and the viability of the business models of incumbent firms, given interlinkages with, and competition from, bigtech firms. The report highlights that three particular issues may be worthy of further consideration by policymakers: 

    • The first relates to the scope for bigtech firms to provide financial services from outside the traditional financial sector. In some jurisdictions, questions may arise questions on which financial regulation is applicable to bigtech firms carrying out financial activities and the degree to which such firms are bound by financial regulation. The presence of bigtech firms in financial services may also highlight the need to complement an entity-based approach with an activity-based approach to regulation. The regulatory authorities may wish to consider the relative size and risk of both large bigtech and smaller fintech firms.
    • Second, the diverse business lines of bigtech firms, coupled with their complex and varied interlinkages with traditional financial institutions, may be a source of risk and prompt vigilant monitoring. In some jurisdictions, there may also be a need to coordinate supervision of the financial activities of bigtech firms with the supervision of financial institutions’ use of third-party services from the same firms.
    • Third, bigtech firms’ ability to leverage customer data may raise the question of how financial authorities should approach data rights, particularly in the wider context of data protection regulations. Regulatory obligations for banks to share relevant data with new entrants (such as that embodied in open banking regulations) may enhance competition but may also pose new risks. Financial authorities may also benefit from close engagement with other regulatory agencies (for example, competition authorities and those involved with data protection).

    Key highlights of report on third-party dependencies in cloud services

    The report begins by describing the types of third-party dependencies and the features of cloud services markets and models. It then outlines the potential benefits and risks associated with cloud services, before moving on to take stock of the international guidelines that cover standards and practices with respect to outsourcing and third-party relationships. Finally, the report discusses the policy implications of this analysis and outlines the current and future work on outsourcing, third-party relationships, and cloud services at the international level. Going forward, a discussion among supervisory and regulatory authorities on approaches to these issues would be constructive. The report concludes that the following three areas could benefit from further work on:

    • Existing regulatory standards and supervisory practices for outsourcing arrangement and whether there is a need to further assess the systemic dimension of risks in financial institutions using public cloud services and, if appropriate, for standard-setting bodies to update current frameworks
    • Exploration of possibilities for better coordination and cooperation and information-sharing among authorities when considering cloud services used by financial institutions
    • Standardization efforts to ensure interoperability and data portability in cloud environments and the role authorities could have in relation to this ongoing work

    With respect to the ongoing work in this area at the international level, FSB is working on developing effective practices related to a financial institution’s response to, and recovery from, a cyber incident, including relations of a firm with third-party service providers. IAIS is working on the supervision of control functions with respect to insurers, which might include issues related to outsourcing of control functions. IAIS is also considering work on a best practices paper related to reliance of insurers on, and exposure to, specialist technology providers, in which cloud providers might be included. Furthermore, the IOSCO Board has approved a mandate for work on the risks associated with the use of third-party service providers and for updating the IOSCO principles on outsourcing in light of recent developments.


    Related Links

    Keywords: International, Banking, Insurance, Securities, Financial Stability, Bigtech, Cloud Service Providers, Third-Party Service Providers, FSB

    Related Articles

    APRA Publishes Results of Climate Risk Self-Assessment Survey

    The Australian Prudential Regulation Authority (APRA) has published the findings of its latest climate risk self-assessment survey conducted across the banking, insurance, and superannuation industries.

    August 04, 2022 WebPage Regulatory News

    ACPR Publishes Updates Related to CRD IV and Covered Bonds

    The French Prudential Supervisory Authority (ACPR) published a notice related to the methods for calculating and publishing prudential ratios under the Capital Requirements Directive (CRD IV) and the minimum requirement for own funds and eligible liabilities (MREL).

    August 03, 2022 WebPage Regulatory News

    BIS Paper Contributes to Debate on Regulating NBFIs and Big Techs

    The Financial Stability Institute (FSI) of the Bank for International Settlements recently published a paper proposing a framework for classifying financial stability regulation as either entity-based or activity-based.

    August 03, 2022 WebPage Regulatory News

    EIOPA Publishes Guidance on Climate Change Scenarios in ORSA

    The European Insurance and Occupational Pension Authority (EIOPA) published the risk dashboard based on Solvency II data and the final version of the application guidance on climate change materiality assessments and climate change scenarios in the Own Risk and Solvency Assessment (ORSA).

    August 02, 2022 WebPage Regulatory News

    EBA and ECB Respond to Proposals on Sustainability Disclosures

    The European Banking Authority (EBA) and the European Central Bank (ECB) published their responses to the consultations of the International Sustainability Standards Board (ISSB) and the European Financial Reporting Advisory Group (EFRAG) on sustainability-related disclosure standards.

    August 01, 2022 WebPage Regulatory News

    BIS Report Notes Existing Gaps in Climate Risk Data at Central Banks

    A Consultative Group on Risk Management (CGRM) at the Bank for International Settlements (BIS) published a report that examines incorporation of climate risks into the international reserve management framework.

    July 29, 2022 WebPage Regulatory News

    EBA Publishes Multiple Regulatory Updates for Regulated Entities

    The European Banking Authority (EBA) published the final guidelines on liquidity requirements exemption for investment firms, updated version of its 5.2 filing rules document for supervisory reporting, and Single Rulebook Question and Answer (Q&A) updates in July 2022.

    July 29, 2022 WebPage Regulatory News

    EIOPA Issues SII Taxonomy and Guide on Sustainability Preferences

    The European Insurance and Occupational Pensions Authority (EIOPA) published Version 2.8.0 of the Solvency II data point model (DPM) and XBRL taxonomy.

    July 29, 2022 WebPage Regulatory News

    EESC Opines on Proposals on CRR and European Single Access Point

    The European Union published, in the Official Journal of the European Union, an opinion from the European Economic and Social Committee (EESC); the opinion is on the proposal for a regulation to amend the Capital Requirements Regulation (CRR).

    July 29, 2022 WebPage Regulatory News

    HM Treasury Publishes Multiple Regulatory Updates in July 2022

    HM Treasury published a draft statutory instrument titled “The Financial Services (Miscellaneous Amendments) (EU Exit) Regulations 2022,” along with the related explanatory memorandum and impact assessment.

    July 29, 2022 WebPage Regulatory News
    RESULTS 1 - 10 OF 8423