FCA under fire for cloud computing rules

Grazed from FTAdvisor. Author: Damian Fantato.

The Financial Conduct Authority has published guidance on how financial advisers should outsource to cloud computing providers amid concerns its requirements are too burdensome and onerous. Published today (7 July), the note stated firms using cloud services and other third-party IT providers must have a clear and documented business case or rationale if using them for “critical or important operational functions or material outsourcing”, as well as carrying out a risk assessment.

The regulator also stated firms must insist on being notified promptly in the case of any breaches, must have physical access to a provider’s data centres and there should be no restrictions on the number of requests firms can make of the provider to access or receive data. But some of these requirements were criticised during the consultation on the FCA’s proposals, while the regulator has watered down other rules after concerns were raised...

In the final guidance document the FCA stated: “Many respondents suggested the expectation that firms should require providers to notify them of ‘any breaches’ was unduly burdensome, and that a threshold for breach notification should be determined...

Read more from the source @ http://www.ftadviser.com/2016/07/07/regulation/regulators/fca-under-fire-for-cloud-computing-rules-vlvOhx2Q77XvBLxajovOKJ/article.html