News

SUBSCRIBE to our weekly e-mail (with live links) for just €5 per month
+++++++++++++++

ELEC Paper: Why EU Capital Markets Union has become a “must have” and how to get there -Feb 2024

My collected papers - 1989/1993: Market Discipline in EMU

Public Information

Expand

Graham Bishop Consultancy

Friends of GrahamBishop.com

Brussels 4 Breakfast

CPD / Education and Learning

Graham Bishop - Biography

Graham's Blogs

Graham's Media Activities

Graham's Speeches

Graham's Writing

Press Resources

Photographs

My `pro bono' work

How you can support this work

Why my `pro bono' work is relevant to markets

Technical Difficulties

Privacy Policy

Terms and Conditions

Tweets by @GrahamBishopcom

Follow @GrahamBishopcom

Article List:

Insurance Europe: EI...
EBA concludes that n...
Insurance Europe: In...
Commercial Risk Euro...
EIOPA: Gabriel Berna...
EIOPA: Supervisory s...
EIOPA: Roundtable di...
>>EIOPA: Guidelines on...
EIOPA: Discussion op...
Commercial Risk Euro...
EIOPA: European insu...
Insurance Europe: So...
EIOPA publishes info...
EFRAG: IFRS 17 limit...
Commercial Risk Euro...

Home>Capital Markets Union>Financial Institutions>Insurance

Print Page Save to My Library <Next Article Previous Article>

06 February 2020

EIOPA: Guidelines on outsourcing to cloud service providers now available for national supervisory authorities

The Guidelines shall provide guidance to market participants on how the outsourcing provisions set forth in the Directive 2009/138/EC, in the Commission's Delegated Regulation 2015/35 and in EIOPA's Guidelines on System of Governance need to be applied in the case of outsourcing to cloud service providers.

The use of cloud outsourcing is a common practice to all financial undertakings and not only to insurance and reinsurance undertakings. Moreover, the main associated risks are similar across sectors. Acknowledging these facts and recognising the potential risks of regulatory fragmentation, in developing these guidelines - in addition to the (re)insurance provisions on outsourcing - EIOPA also considered the most recent guidance published by the European Banking Authority. [...]

EIOPA's Guidelines cover the following areas:

Criteria to distinguish whether cloud services should be considered within the scope of outsourcing

Principles and elements of governance of cloud outsourcing including documentation requirements and list of information part of the notification to supervisory authorities

Pre-outsourcing analysis, including a set of criteria to be followed to assess whether a cloud outsourcing arrangement relates to an operational function or activity that is critical or important; and principle based instructions on how the risk assessment of the cloud outsourcing and the due diligence on the cloud service providers should be performed;

Contractual requirements

Management of access and audit rights; security of data and systems; sub-outsourcing of critical or important operational functions or activities, monitoring and oversight of cloud outsourcing and exit strategies

Principle based instructions for the national supervisory authorities on the supervision of cloud outsourcing arrangements including, where applicable, at group level.

Full news on EIOPA

Full guidelines on EIOPA

© EIOPA

< Next Previous >

Key
Hover over the blue highlighted text to view the acronym meaning
Hover over these icons for more information

Comments:

No Comments for this Article

Add new comment

Show name and company details

Follow Us

News

Public Information

Article List:

06 February 2020

EIOPA: Guidelines on outsourcing to cloud service providers now available for national supervisory authorities

© EIOPA

Key

Comments: