FSB published a discussion paper on the regulatory and supervisory issues related to outsourcing and third-party relationships. The discussion paper presents an overview of the evolving regulatory and supervisory landscape for outsourcing and third-party risk management in FSB member jurisdictions. It briefly describes the existing regulatory and supervisory approaches and outlines the common regulatory and supervisory challenges associated with outsourcing and third-party risk management, also identifying key issues for further exploration. FSB is seeking comments, by January 08, 2021, on the questions set out in the discussion paper.
In January-March 2020, the FSB Standing Committee on Supervisory and Regulatory Cooperation (SRC) conducted a survey among member jurisdictions on the existing regulatory and supervisory landscape for outsourcing and third-party risk management, including cross-border supervisory challenges and potential financial stability issues. The discussion paper provides a high-level overview of the existing landscape based on the survey findings as well as the preliminary observations from authorities’ and financial institutions’ recent responses to the COVID-19 pandemic. The paper intends to facilitate and inform discussions among authorities, financial institutions, and third parties on how to address the issues identified in the SRC survey and the 2019 FSB report on third-party dependencies in cloud services. The discussion has highlighted the following key challenges faced by supervisory authorities:
- Practical limitations on the ability to ensure that financial institutions appropriately manage the risks in their outsourcing and third-party agreements (including risks in the third party’s wider supply chain)
- Limitations on their ability to effectively oversee supervised financial institutions’ outsourcing and third-party arrangements in a cross-border context
- Challenges in identifying, monitoring, and managing potential systemic risks related to financial institutions’ use of outsourcing and third-party arrangements, particularly, due to concentration in the provision of third-party services and lack of relevant information
The high pace of evolution of third-party relationships, including where and how financial institutions use third-party providers, can make understanding and managing these risks more complex. In the paper, FSB highlights that additional analysis may be considered to better understand the risks posed by the changing landscape of outsourcing and third-party relationships. The additional analysis may also be considered to better understand whether the existing approaches allow financial institutions to capture the benefits of outsourcing and third-party relationships while sufficiently addressing the risks that these relationships may pose to financial institutions. The discussion paper emphasizes that effective cross-border cooperation and dialog among supervisory authorities as well as the effective application of existing standards and other emerging practices are important to address these challenges and risks.
Comment Due Date: January 08, 2021
Keywords: International, Banking, Insurance, Securities, COVID-19, Third-Party Risk, Systemic Risk, Outsourcing Risk, Cloud Computing, FSB
Across 35 years in banking, Blake has gained deep insights into the inner working of this sector. Over the last two decades, Blake has been an Operating Committee member, leading teams and executing strategies in Credit and Enterprise Risk as well as Line of Business. His focus over this time has been primarily Commercial/Corporate with particular emphasis on CRE. Blake has spent most of his career with large and mid-size banks. Blake joined Moody’s Analytics in 2021 after leading the transformation of the credit approval and reporting process at a $25 billion bank.
Previous ArticlePRA Issues Guidance on Capital Distributions by Large UK Banks
The U.S. regulators recently released baseline and severely adverse scenarios, along with other details, for stress testing the banks in 2024. The relevant U.S. banking regulators are the Federal Reserve Bank (FED), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC).
The regulatory landscape for artificial intelligence (AI), including the generative kind, is evolving rapidly, with governments and regulators aiming to address the challenges and opportunities presented by this transformative technology.
The European Union (EU) has been working on the final elements of Basel III standards, with endorsement of the Banking Package and the publication of the European Banking Authority (EBA) roadmap on Basel III implementation in December 2023.
The European Financial Reporting Advisory Group (EFRAG), which plays a crucial role in shaping corporate reporting standards in European Union (EU), is seeking comments, until May 21, 2024, on the Exposure Draft ESRS for listed SMEs.
Banking regulators worldwide are increasingly focusing on addressing, monitoring, and supervising the institutions' exposure to climate and environmental risks.
The use cases of generative AI in the banking sector are evolving fast, with many institutions adopting the technology to enhance customer service and operational efficiency.
As part of the increasing regulatory focus on operational resilience, cyber risk stress testing is also becoming a crucial aspect of ensuring bank resilience in the face of cyber threats.
A few years down the road from the last global financial crisis, regulators are still issuing rules and monitoring banks to ensure that they comply with the regulations.
The European Commission (EC) recently issued an update informing that the European Council and the Parliament have endorsed the Banking Package implementing the final elements of Basel III standards
The Swiss Federal Council recently decided to further develop the Swiss Climate Scores, which it had first launched in June 2022.