Board directors of banks must take ultimate responsibility for outsourced services and document how they manage the risk of outages and disruptions to customer services, the global Basel Committee of banking regulators proposed on Tuesday.
Banks increasingly use third-party tech companies, such as Microsoft (MSFT.O), Amazon (AMZN.O), and Google (GOOGL.O), for cloud computing to run key services, raising concerns among regulators about the impact on the financial sector if a provider used by many banks went down.
Recently, banks and telecommunication companies operating in Nigeria experienced downtime with internet outages due to damage to international undersea cables supplying them with connectivity.
“Ongoing digitalisation has led to rapid adoption of innovative approaches in the banking sector.
“As a result, banks have become increasingly reliant on third parties for services that they had not previously undertaken,” the Basel Committee revealed in a statement.
The committee, made up of regulators from the G20 and other countries, proposed 12 principles for banks and their regulators to apply, noting that the bank’s board of directors has ultimate responsibility for oversight of third-party arrangements.
“As with all business processes, documentation evidencing key decisions (e.g. third-party strategy, board minutes reflecting decision to enter into a critical… arrangement) should be maintained in banks’ records,” Basel said in its consultation paper, opening a new tab.
Third-party services have come under increased scrutiny as hackers continually try to breach banks’ cyber defences and undermine operational resilience, leading to suspension of customer services for hours or even days.
The European Union has approved a Digital Operational Resilience Act (DORA) to improve resilience in the financial sector from January next year, with Britain doing likewise.
Basel said banks should undertake “appropriate due diligence” of risks before they sign contracts with third parties, and monitor how the service is performing.
Banks should also maintain “robust business continuity” management so they can operate during a disruption, Basel said.
Join Daily Trust WhatsApp Community For Quick Access To News and Happenings Around You.
