LONDON - The Bank of England, along with the Financial Conduct Authority (FCA) and the Prudential (LON:PRU) Regulation Authority (PRA), has proposed new draft rules aimed at managing the financial sector's growing reliance on third-party technology firms like Amazon (NASDAQ:AMZN) Web Services (AWS) and Microsoft (NASDAQ:MSFT). These regulations are designed to ensure the resilience of essential services provided by critical third parties (CTPs) to the finance-related firms and infrastructures, a move that underscores the importance of operational stability in the UK's financial system.
The draft rules set forth comprehensive requirements for CTPs to evaluate and mitigate operational risks. They demand robust standards for resilience against potential disruptions, including maintaining effective incident management protocols. Additionally, CTPs will be required to manage supply chain risks diligently and provide annual self-assessments. These assessments must be accompanied by scenario testing to confirm their capacity to continue delivering crucial services during crises.
Sam Woods, Deputy Governor for Prudential Regulation and CEO of the PRA, has called for measured control over these key service providers that are integral to the banking and insurance sectors. Sarah Breeden, Executive Director for Financial Stability Strategy and Risk at the Bank of England, highlighted the increasing dependency on third-party tech services by infrastructure companies. Nikhil Rathi, CEO of the FCA, pointed out that while managed outsourcing can accelerate innovation, it also introduces systemic risks.
The consultation process is open for industry feedback until March 15, 2024. The authorities expect to finalize these directives in the latter half of 2024, with an aim to bolster UK competitiveness within the global financial landscape.
This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.