The Draft Guidelines, which review the existing CEBS Guidelines on Outsourcing published in (CEBS Guidelines), are the EBA’s. on outsourcing. by PLC Financial Services. Related Content. CEBS: Guidelines on outsourcing. by PLC Financial Services. Related Content. They review the existing Committee of European Banking Supervisors (CEBS) guidelines on outsourcing, which were published in

Author: Viktilar Sakora
Country: Burma
Language: English (Spanish)
Genre: Education
Published (Last): 4 January 2005
Pages: 165
PDF File Size: 4.83 Mb
ePub File Size: 15.31 Mb
ISBN: 296-4-89596-362-7
Downloads: 27871
Price: Free* [*Free Regsitration Required]
Uploader: Tole

Weekly Newsletter Receive personalised Out-Law content in your inbox. September 24, Keywords: The Recommendation on outsourcing to cloud service providers, published in Decemberhas also outsourciing integrated into the Guidelines. The Guidelines specify a.

EBA consults on Guidelines on outsourcing

Institutions and payment institutions should ensure that the service provider grants them and their cegs authorities complete access to all relevant business premises. It has still to confirm when in that paper will be published. The revised guidelines cover credit institutions and investment firms subject to the Capital Requirements Directive CRDbut also payment institutions subject to febs revised Payment Services Directive PSD2 and electronic money institutions subject to the e-money Directive.

December 18, WebPage Regulatory News.

EBA Consults on Outsourcing Arrangements

The outsourcing agreement should specify whether or not the service provider outtsourcing sub-contract the provision of a critical or important function. Many attendees at the Public Consultation noted that this scope was unduly onerous and would become administratively burdensome for firms to manage. These recommendations, addressed to credit institutions, investment firms, and competent authorities Cloud Recommendations Addresseesexamine the key considerations for a relevant institution that outsources services to a cloud environment.

Shane Barber Managing Partner Australia. The Cloud Recommendations were published ahead of the full revision of the CEBS Guidelines, due to demand for timely guidance in this area.

In particular, each Financial Institution should ensure that the selection of a group entity is based on objective reasons, the conditions of the outsourcing arrangement are set at arms length and that they explicitly deal with any conflicts of interests that the outsourcing arrangement may entail.

In the Draft Guidelines, the expected timeline for implementation of the new guidelines is 30 June and the grace period for updating existing outsourcing arrangements in line with the new guidelines is 31 December The guidelines clarify aspects related to the contractual arrangements, the monitoring and documentation of outsourcing arrangements, and the supervision by competent authorities.

The draft Guidelines require a Financial Institution to identify the outsourcing of critical or important functions and impose stricter requirements on such outsourcing as compared to other outsourcing arrangements. Certain competent authorities, such as BaFin in Germany, have already confirmed that they will postpone local implementation of the Cloud Recommendations until such time as the recommendations are integrated into the new outsourcing guidelines and, at that time, will comply with the fixed timeline for such guidelines see The Recommendations Compliance Table.


Outsourcing is relevant in the context of gaining or maintaining access to the EU financial market.

EBA to issue final outsourcing guidelines in early The European Banking Authority will issue final guidelines early next lutsourcing on what banks and other financial institutions should have in place when outsourcing some of their functions to third parties, huidelines cloud providers.

Also, institutions and payments institutions are required to maintain a register of all outsourcing arrangements. One attendee at the Public Consultation requested that the EBA extend the timeline for implementation, but whether the EBA will heed this or any of outsougcing recommendations made at the Public Consultation, remains to be seen.

The EBA has said that it will issue a follow-up report or opinion on “the implementation” of its cloud outsourcing recommendations. Institutions and payment institutions should ensure that service providers, where relevant, comply with. The Guidelines will now apply to credit institutions and investment firms jointly “institutions”as well as payment institutions and electronic money institutions jointly “payment institutions”.

Next Steps The Public Consultation consisted of industry bodies, bank representatives, law firms, service providers and industry utilities in deep discussion and questioning the EBA for two hours. Are you looking for someone or something in particular? It should cover at least:.

Institutions guidelinez payment institutions should have sound internal governance arrangements which include a clear organisational structure. The European Council presidency and the European Parliament agreed on a new framework for dealing with the non-performing loans NPLs of banks. The additional requirements include provisions regarding: The Guidelines provide the responsibilities of the management body for the establishment of guidelinse appropriate framework for outsourcing, its implementation and application in a group, the.

Looking for news over 5 years old? December 19, WebPage Regulatory News. Also notably, this FCA announcement was most likely a political nod to European regulators that UK financial services firms are expected to remain compliant with the outtsourcing European guidance on outsourcing to the cloud.

As many In-scope Entities set about moving key operations out of the UK and to other EU member states, intra-group outsourcing arrangements will become increasingly critical.

Cookies on Pinsent Masons website Our website uses cookies and similar technologies to allow us to promote our services and enhance your browsing experience. In-Scope Entities, therefore, need to start thinking, ahead of the implementation date, about how best to reconcile the gudelines to engage with start-ups and innovation hubs within a reasonably rigid framework of rules guidelihes requirements for third-party contracting.


According to the EBA, Financial Institutions also need to consider the risks associated with receiving services from third parties, even when these arrangements are not considered to be outsourcing arrangements. December 20, WebPage Regulatory News. Yvonne Dunn Partner View profile. Outsourcing to service providers located outside the EEA must be subject to additional safeguards that ensure that they do not lead to an undue increase of risks or impair the ability of competent authorities to effectively supervise institutions and payment institutions.

Discussion of Key Themes. That said, the potential systemic risk implications of the use of cloud arrangements is an area of focus for banking regulators and should be monitored going forward. Pinsent Masons said that competition and digital innovation at banks is at risk unless significant changes are made to the EBA’s draft guidelines on outsourcing.

A further report on regulatory technologies regtech is also expected to be issued towards the end of next year, it said.

EBA consults on Guidelines on outsourcing

Here you can read the Guidelines. Among other things, the draft Guidelines specify certain conditions that must be met before a Financial Institution outsources banking activities or payment services that require guidelknes or registration by a competent authority in the Member State where the Financial Institution is authorised.

The draft Guidelines set out a number of requirements as to how risk is to be assessed. The draft Guidelines stipulate that the outsourcing policy should consider the main phases of the life cycle of outsourcing arrangements and define the principles, responsibilities and guifelines in relation to outsourcing.

This announcement by the FCA albeit made to very little fanfare was generally welcomed by both UK financial institutions and cloud providers as the announcement relieves them of the burden of complying with two sets of guidance which, though similar, included nuanced differences. Institutions and payment institutions should ensure that service providers, where relevant, comply with appropriate information security standards.