New Regulatory Requirements will Impact Financial Institutions’ Move to the Cloud

Big new regulatory requirements are coming for financial institutions that are moving to the cloud. Financial services executives in the U.K. are expecting the PRA (Prudential Regulation Authority) to issue requirements showing how you will be able to respond to various failure scenarios including the potential loss of AWS and Azure at the same time.

While ostensibly the focus is on the resiliency of cloud providers themselves, with the hybrid cloud models being implemented, it is hard to see how the requirement to demonstrate full operational failure response capability and readiness is not ultimately going to lie with the financial institutions as well.

From the article:

“The regulator is also said to be considering the implementation of “outage and disaster recovery tests” to evaluate the potential impact of cloud-related technical issues on banks.”

These kinds of tests would squarely fall on the backs of banks to play a significant role in test implementation.
The analogous regulatory agency in the U.S. is the Federal Reserve (FED), so expect global financial organizations to be required to respond to MRA’s (Matters Requiring Attention) relating to disaster protection and resilience in the public cloud on this side of the pond as well. 

Read the full report

‘UK financial regulators plan to increase scrutiny of cloud providers’ report by Silicon Angle.