Contact us

Please get in touch using the contact details below or alternatively fill in the contact form and a member of the team will be in touch soon.

6th Floor
Commodity Quay
St Katharine Docks
London E1W 1AZ
View on map

The FCA recently issued a guidance paper providing financial institutions with recommendations on the use of third-party IT services for their business applications. The rise of cloud computing, coupled with the improvements in efficiency obtainable through shared infrastructure and server virtualisation, present a new set of challenges that regulated firms need to address in order to discharge their regulatory obligations in a proper manner.

For example, in an outsourced hosting scenario there are a number of regulations relating to the physical location of data, and it is not always clear when evaluating cloud platform providers where their physical infrastructure is located – everything is obscured by the cloud. This is starting to be recognised in the industry, and indeed Microsoft recently announced the creation of a new Azure hosting zone which guarantees that all data will remain within the UK at all times. Under the new guidelines, firms and their auditors should be granted access to the hosting location when needed.

Information security is another concern, particularly in scenarios where physical infrastructure is being shared by multiple institutions in a ‘multi-tenant’ structure. This means that a single set of physical servers are simultaneously providing application services and storage to more than one financial institution. In these scenarios the hosting provider implements logical isolation between the different systems, but it is not always clear exactly how this is secured and strong it is compared with traditional dedicated hardware. Each firm needs to strike the right balance between the cost and the perceived risk associated with a particular implementation model. There is no doubt that for startups and smaller organisations the opportunity to operate on a lower cost model is compelling.

The FCA paper makes clear that while the information provided does not (for now) constitute new rules, firms will be expected to make sure that the guidance is used to inform their selection of infrastructure services going forward.

The technology landscape continues to evolve at a remarkable pace, and it is encouraging to see that the regulator is taking a progressive view on potential innovations in this area.

arrow_downarrow_left9D37AB28-19B3-4DC3-BFE3-F33BD0A72546Created with sketchtool. arrow_rightbar-chartvFill 4Created with Sketch. Path 3Created with Sketch. bulberg478EA46C-84DF-46B0-BF46-F901EB1960C5Created with sketchtool. checktgriejhrugre 8BBC46CE-DB93-4355-B329-32C4528B2A59Created with sketchtool. journeyteasytouseloans 766BAC1F-75DE-4DFE-9B6B-977C69B8CA13Created with sketchtool. logo--sticky modularmortgages MaskCreated with Sketch. offeringoverlay__icon paper-plane-svg 7AB0CFDA-91FD-4039-924A-82AD02D92604Created with sketchtool. persongtestphone Asset 2responsivesavings social_facebooksocial_googleplussocial_instagramDEA72E70-B4D8-4DA5-9AAC-E40BB91B0FD1Created with sketchtool. share_mailsocial_pinterestlogo-twitter-glyph-32social_youtubetick 117DDDAC-FBAF-4020-BD08-CA688A511FF2Created with sketchtool. Path 3Created with Sketch.