Featured Product

    IOSCO Consults on Outsourcing Principles for Operational Resilience

    May 28, 2020

    IOSCO proposed updates to its principles for regulated entities that outsource tasks to service providers. The proposed Principles on Outsourcing are based on IOSCO´s 2005 Outsourcing Principles for Market Intermediaries and the 2009 Outsourcing Principles for Markets but their application has been expanded to include trading venues, market participants acting on a proprietary basis, credit rating agencies, and financial market infrastructures. The consultation period ends on October 01 2020.

    The revised principles comprise a set of fundamental precepts and a set of seven principles. The consultation report contains sections on particular sectors and issues, with Annex A providing a report on outsourcing among credit rating agencies, including the use of cloud computing. The fundamental precepts cover issues such as the definition of outsourcing, the assessment of materiality and criticality, their application to affiliates, the treatment of sub-contracting, and outsourcing on a cross-border basis. The seven principles cover the following areas, with each of these principles being supplemented with guidance for implementation:

    • Due diligence in the selection and monitoring of a service provider
    • The contract with a service provider
    • Information security, business resilience, continuity and disaster recovery
    • Confidentiality Issues
    • Concentration of outsourcing arrangements
    • Access to data, premises, personnel, and associated rights of inspection
    • Termination of outsourcing arrangements 

    Since the publication of IOSCO´s earlier principles on outsourcing for market intermediaries and for markets, developments in markets and technology have increased regulatory attention on risks related to outsourcing and the need to ensure the operational resilience of regulated entities. IOSCO prepared this report before the COVID-19 outbreak. However, on April 08, 2020, the IOSCO Board agreed to delay publication of its reports to allow firms and financial institutions to redirect their resources to focus on the challenges arising from the pandemic. As the initial stages of this crisis pass, the IOSCO Board has decided to publish this report now because the outbreak of COVID-19 has highlighted the need to ensure resilience in operational activities and to maintain business continuity in situations where both external and often unforeseen shocks impact both firms and their service providers. To account for the ongoing resource constraints on financial institutions, however, the consultation period goes well beyond the typical 90-day comment period and will end on October 01, 2020. The consultation report includes a set of questions, including one of particular relevance during the current COVID-19 pandemic: What measures for business continuity would be effective in situations where all, or a significant portion, of both the outsourcers’ and third-party providers’ work force is working remotely? In particular, what steps should be taken so Cyber Security and Operational Resilience can be ensured?” 

     

    Related Links

    Comment Due Date: October 01, 2020

    Keywords: International, Banking, Securities, PMI, Credit Rating Agencies, Operational Risk, Outsourcing, Third-party Arrangements, Cloud Computing, COVID-19, IOSCO

    Related Articles
    News

    APRA Publishes Results of Climate Risk Self-Assessment Survey

    The Australian Prudential Regulation Authority (APRA) has published the findings of its latest climate risk self-assessment survey conducted across the banking, insurance, and superannuation industries.

    August 04, 2022 WebPage Regulatory News
    News

    ACPR Publishes Updates Related to CRD IV and Covered Bonds

    The French Prudential Supervisory Authority (ACPR) published a notice related to the methods for calculating and publishing prudential ratios under the Capital Requirements Directive (CRD IV) and the minimum requirement for own funds and eligible liabilities (MREL).

    August 03, 2022 WebPage Regulatory News
    News

    BIS Paper Contributes to Debate on Regulating NBFIs and Big Techs

    The Financial Stability Institute (FSI) of the Bank for International Settlements recently published a paper proposing a framework for classifying financial stability regulation as either entity-based or activity-based.

    August 03, 2022 WebPage Regulatory News
    News

    EIOPA Publishes Guidance on Climate Change Scenarios in ORSA

    The European Insurance and Occupational Pension Authority (EIOPA) published the risk dashboard based on Solvency II data and the final version of the application guidance on climate change materiality assessments and climate change scenarios in the Own Risk and Solvency Assessment (ORSA).

    August 02, 2022 WebPage Regulatory News
    News

    EBA and ECB Respond to Proposals on Sustainability Disclosures

    The European Banking Authority (EBA) and the European Central Bank (ECB) published their responses to the consultations of the International Sustainability Standards Board (ISSB) and the European Financial Reporting Advisory Group (EFRAG) on sustainability-related disclosure standards.

    August 01, 2022 WebPage Regulatory News
    News

    BIS Report Notes Existing Gaps in Climate Risk Data at Central Banks

    A Consultative Group on Risk Management (CGRM) at the Bank for International Settlements (BIS) published a report that examines incorporation of climate risks into the international reserve management framework.

    July 29, 2022 WebPage Regulatory News
    News

    EBA Publishes Multiple Regulatory Updates for Regulated Entities

    The European Banking Authority (EBA) published the final guidelines on liquidity requirements exemption for investment firms, updated version of its 5.2 filing rules document for supervisory reporting, and Single Rulebook Question and Answer (Q&A) updates in July 2022.

    July 29, 2022 WebPage Regulatory News
    News

    EIOPA Issues SII Taxonomy and Guide on Sustainability Preferences

    The European Insurance and Occupational Pensions Authority (EIOPA) published Version 2.8.0 of the Solvency II data point model (DPM) and XBRL taxonomy.

    July 29, 2022 WebPage Regulatory News
    News

    EESC Opines on Proposals on CRR and European Single Access Point

    The European Union published, in the Official Journal of the European Union, an opinion from the European Economic and Social Committee (EESC); the opinion is on the proposal for a regulation to amend the Capital Requirements Regulation (CRR).

    July 29, 2022 WebPage Regulatory News
    News

    HM Treasury Publishes Multiple Regulatory Updates in July 2022

    HM Treasury published a draft statutory instrument titled “The Financial Services (Miscellaneous Amendments) (EU Exit) Regulations 2022,” along with the related explanatory memorandum and impact assessment.

    July 29, 2022 WebPage Regulatory News
    RESULTS 1 - 10 OF 8423