The European Securities and Markets Authority (ESMA), has published a consultation paper on guidelines on outsourcing to cloud service providers, the securities markets regulator announced today.
According to the announcement, the guidelines’ purpose is to provide guidance on the outsourcing requirements applicable to financial market participants when they outsource to cloud service providers.
They aim specifically to help firms and competent authorities identify, address and monitor the risks and challenges that arise from cloud outsourcing arrangements.
Did COVID-19 Save the Forex Industry?Go to article >>
They also include guidance on the minimum elements that outsourcing and sub-outsourcing agreements should include and the exit strategies and the access and audit rights that should to be catered for.
Additionally, the guidelines set out the notification to competent authorities and the supervision by competent authorities.
ESMA said that the proposed guidelines are consistent with the recommendations on outsourcing to cloud service providers published by the European Banking Authority (EBA) in February 2017 and subsequently incorporated into revised EBA guidelines on outsourcing arrangements in February 2019, and the guidelines on cloud outsourcing published by the European Insurance and Occupational Pensions Authority (EIOPA) in February 2020.