Financial services institutions are moving to the cloud. As firms migrate to cloud-based solutions they increasingly use third parties to deliver critical services to customers. This has regulators worried because they see that the industry is starting to rely on a narrow set of cloud service providers and they believe outages and disruptions are inevitable. Operational Resilience must increasingly focus on third-party risk and how to manage it.
This datasheet summarizes the key industry and regulatory developments to be aware of for third party risk management. These include the European Cloud User Coalition (ECUC) Position Paper, and the European Banking Authority (EBA) and Bank of England (BoE) guidelines on outsourcing arrangements.