Latest Posts
Search for:
Legal Update

FCA Completes Outsourcing Review

By 2 Mins Read

In its regulation round-up from September 2018, the Financial Conduct Authority (FCA) UK’s financial services regulator announced that it had completed a review of retail banks’ use of outsourcing.

The FCA considers that the potential types of harm arising from outsourcing include service disruption (impacting consumers’ access to products and services) and poor customer service. In its review, the FCA focused on firms’ approaches to outsourcing, but did not test whether these are mitigating the risk of harm in practice.

Overall, the FCA did not identify significant concerns. However, it did identify some areas for firms to consider:

  • In November 2017, the UK’s Prudential Regulatory Authority introduced a prescribed responsibility for outsourcing. Firms should be clear that those assigned this prescribed responsibility have overall accountability for outsourcing. This includes where the responsibility for managing third parties is delegated.
  • Firms must continue to have robust governance arrangements for outsourcing, including effective processes to identify, manage, monitor and report the risks it is (or might be) exposed to, as appropriate. These arrangements should help firms identify and reduce the potential harm to consumers if things were to go wrong.
  • Consumers can be exposed to potential harm when a firm’s third party relationship ends, particularly if it ends unexpectedly. Robust oversight arrangements that include sufficiently tested exit plans for different scenarios will help reduce the potential harm by ensuring business continuity.
  • Firms appear to be increasingly considering outsourcing to the cloud. The FCA explained its expectations in this area in July’s Regulation Round-up i.e. all firms interesting in outsourcing to the cloud should follow the FCA’s cloud guidance, apart from banks, building societies, designated investment firms or IFPRU investment firms who should refer to the EBA outsourcing guidance.

The EBA is currently consulting on its draft Guidelines on outsourcing arrangements (as outlined in our previous post.

Categories:
Tags:
Author

Sue McLean is a partner and co-chair of the EMEA Financial Services Industry Group and co-chair of the UK FinTech practice. She specialises in technology and had been advising on technology projects for over 20 years. She also advises clients (both customers and vendors) on a wide range of technology matters, including outsourcing, cloud, digital transformation, technology procurement, development and licensing, m/e-commerce, AI, blockchain and data privacy.

Related Posts