BaFin Publishes Guidance on Outsourcing to Cloud Service Providers
BaFin published guidance on outsourcing to cloud service providers. This guidance, which represents a joint assessment by BaFin and the Deutsche Bundesbank, is addressed to credit institutions, financial services institutions, insurance undertakings, pension funds, investment services enterprises, capital management companies, payment institutions, and e-money institutions. The guidance does not establish any new requirements but instead reflects the current supervisory practice in outsourcing cases.
The guidance pursues the objective of creating, for the supervised entities, an awareness of the issues involved in dealing with cloud services and the related requirements of supervisory law. It draws attention to various aspects that the supervised entities should take into account when outsourcing to cloud service providers, for example, in the context of risk analysis and contractual terms. Over the past months, BaFin and Bundesbank have been in discussions with cloud service providers as well as with the supervised entities about plans for outsourcing to cloud service providers. Furthermore, at the EIOPA and the EBA levels, within the Single Supervisory Mechanism, as well as bilaterally between the national supervisory authorities, a constant exchange about how to deal with outsourcing to cloud service providers has emerged.
Keywords: Europe, Germany, Banking, Insurance, Securities, Cloud Outsourcing, Guidance, Cloud Computing, Operational Risk, Bundesbank, BaFin
Previous ArticleIOSCO Updates Peer Reviews on Regulation of Securitizations and MMFs
CFPB Finalizes Rule on Small Business Lending Data Collection
The Consumer Financial Protection Bureau (CFPB) published a final rule that sets out data collection requirements on small business lending, under section 1071 of the Dodd-Frank Act.
BCBS to Consult on Pillar 3 Climate Risk Disclosures by End of 2023
The Bank for International Settlements (BIS) published a summary of the recent Basel Committee (BCBS) meetings.
FINMA Approves Merger of Credit Suisse and UBS
The Swiss Financial Market Supervisory Authority (FINMA) has approved the takeover of Credit Suisse by UBS.
BOE Sets Out Its Thinking on Regulatory Capital and Climate Risks
The Bank of England (BOE) published a working paper that aims to understand the climate-related disclosures of UK financial institutions.
US Congress Report Examines Data Privacy and Cybersecurity Regulations
The U.S. Congressional Research Service published a report on banking, data privacy, and cybersecurity regulation.
OSFI Finalizes on Climate Risk Guideline, Issues Other Updates
The Office of the Superintendent of Financial Institutions (OSFI) is seeking comments, until May 31, 2023, on the draft guideline on culture and behavior risk, with final guideline expected by the end of 2023.
EU to Conduct One-Off Scenario Analysis to Assess Transition Risk
The European authorities recently made multiple announcements that impact the banking sector.
APRA Assesses Macro-Prudential Policy Settings, Issues Other Updates
The Australian Prudential Regulation Authority (APRA) published an information paper that assesses its macro-prudential policy settings aimed at promoting stability at a systemic level.
BIS Paper Examines Impact of Greenhouse Gas Emissions on Lending
BIS issued a paper that investigates the effect of the greenhouse gas, or GHG, emissions of firms on bank loans using bank–firm matched data of Japanese listed firms from 2006 to 2018.
HMT Mulls Alignment of Ring-Fencing and Resolution Regimes for Banks
The HM Treasury (HMT) is seeking evidence, until May 07, 2023, on practicalities of aligning the ring-fencing and the banking resolution regimes for banks.