Guidelines on information and communication technology security and governance
In accordance with Article 16 of Regulation (EU) No 1094/20104 EIOPA issues these Guidelines addressed to the supervisory authorities to provide guidance on how insurance and reinsurance undertakings should apply the governance requirements foreseen in Directive 2009/138/EC5 (“Solvency II Directive”) and in Commission Delegated Regulation (EU) No 2015/356 (“Delegated Regulation”) in the context of information and communication technology security and governance.
The European Securities and Markets Authority (ESMA), the EU’s securities markets regulator, has today published a consultation paper on guidelines on outsourcing to cloud service providers.
The guidelines’ purpose is to provide guidance on the outsourcing requirements applicable to financial market participants when they outsource to cloud service providers. In particular, they aim to help firms and competent authorities identify, address and monitor the risks and challenges that arise from cloud outsourcing arrangements.
The consultation is open until 1 September and seeks feedback from both national competent authorities and financial market participants that use cloud services provided by third parties. The consultation is also important for cloud service providers, as the draft guidelines aim to ensure that potential risks firms may face from the use of cloud services are properly addressed. ESMA aims to publish the Final Report on the Guidelines by Q1 2021.
June 24, 2020
Le Commissariat aux Assurances publie la circulaire 20/13 relative aux orientations de l’EIOPA en matière de soustraitance à des prestataires de services en nuage (« cloud computing »)
En date du 24 avril 2020, l’Autorité Européenne des Assurances et des Pensions professionnelles (« EIOPA ») a publié des « Orientations relatives à la sous-traitance à des prestataires de services en nuage » (référence EIOPA-BoS-20-002).
Le texte intégral de ces Orientations se trouve joint à la lettre circulaire et peut être consulté dans différentes langues à l’adresse suivante :
EBA starts delivering on the implementation of the new regulatory framework for investments firms
The European Banking Authority (EBA) outlined today its roadmap for the implementation of the new regulatory framework for investment firms and launched a public consultation on its first set of regulatory deliverables on prudential, reporting, disclosures and remuneration requirements.
The roadmap outlines the EBA’s work plan for each of the mandates laid down in the IFR/IFD and clarifies the sequencing and rationale behind their prioritisation. Through these mandates, the EBA will contribute to the implementation of a regulatory framework that is calibrated to the size and nature of investment firms. This will strengthen supervision, which will rely more directly on the risks faced by the clients and the investment firms themselves. The consultations launched today run until 4 September 2020.