ESMA published a consultation paper on guidelines on outsourcing to cloud service providers. The consultation is open until September 01, 2020 and seeks feedback from both national competent authorities and financial market participants that use cloud services provided by third parties. The consultation is also important for cloud service providers, as the draft guidelines aim to ensure that potential risks firms may face from the use of cloud services are properly addressed. ESMA aims to publish the final report on the guidelines by the first quarter of 2021.
The proposed guidelines are consistent with the EBA recommendations on outsourcing to cloud service providers, which were subsequently incorporated into the revised EBA guidelines on outsourcing arrangements in February 2019, and the EIOPA guidelines on cloud outsourcing that were published in February 2020. The guidelines cover the outsourcing requirements applicable to financial market participants when they outsource to cloud service providers. They are intended to help firms and competent authorities identify, address, and monitor the risks and challenges that arise from cloud outsourcing arrangements—from making the decision to outsource, selecting a cloud service provider, and monitoring outsourced activities to providing for exit strategies. The proposed guidelines set out the:
- Governance, documentation, oversight, and monitoring mechanisms that firms should have in place
- Assessment and due diligence that should be undertaken prior to outsourcing
- Minimum elements that outsourcing and sub-outsourcing agreements should include
- Exit strategies and the access and audit rights that should to be catered for
- Notification to competent authorities
- Supervision by competent authorities
Comment Due Date: September 01, 2020
Keywords: Europe, EU, Banking, Insurance, Securities, PMI, Cloud Computing, Third Party Arrangements, Outsourcing Arrangements, ESMA
EBA published a report on the implementation of selected COVID-19 policies within the prudential framework for banking sector.
BCBS published the eighteenth progress report on implementation of the Basel III regulatory framework in member jurisdictions.
BCBS amended the guidelines on sound management of risks related to money laundering and financing of terrorism (ML/FT).
US Agencies (Farm Credit Administration, FDIC, FED, FHFA, and OCC) finalized changes to the swap margin rule to facilitate implementation of prudent risk management strategies at banks and other entities with significant swap activities.
PRA published a letter that builds on the expectations set out in the supervisory statement (SS3/19) on enhancing banks' and insurers' approaches to managing the financial risks from climate change.
EBA finalized the guidelines on treatment of structural foreign-exchange (FX) positions under Article 352(2) of the Capital Requirements Regulation (CRR).
FSB published a statement on the impact of COVID-19 pandemic on global benchmark transition.
IAIS published the list of Internationally Active Insurance Groups (IAIGs) publicly disclosed by group-wide supervisors.
FED has temporarily revised the reporting form on consolidated financial statements for holding companies (FR Y-9C; OMB No. 7100-0128).
EC launched a consultation on the review of the key elements of Solvency II Directive, with the comment period ending on October 21, 2020.