In April this year the Bank of England (the Bank) shared a series of proposals focused on outsourcing and third-party risk management within financial market infrastructure firms (FMIs).
It follows publication of its operational resilience policy last year, ‘designed to improve the operational resilience of FMIs and protect the wider financial sector’. This noted that a major priority for the Bank, the Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA) was to create a robust regulatory framework to ‘promote operational resilience’ amongst FMIs.
Taken together, it demonstrates the Bank’s continued drive towards operational resilience amongst financial services providers, given increased reliance on third-party technology and software.
The Bank concludes in its guidelines that this reliance, in particular for cloud services, is enhancing the risk landscape and requires a clear regulatory response.
The proposals are therefore intended to:
- Facilitate greater resilience and adoption of new technologies, as set out in its Future of Finance report
- Set expectations and requirements in relation to outsourcing and third-party risk management…
