LONDON — Britain’s financial watchdog will have powers to make onsite visits to oversee cloud computing firms like Amazon, Google and Microsoft that provide “critical” services to financial firms, the finance ministry said on Wednesday.
Banks have moved some services to a handful of outside cloud computing firms to cut costs.
Over 65% of UK firms used the same four cloud providers in 2020, the ministry said, raising concerns of widespread disruption if one of the cloud providers was hacked.
The Bank of England (BoE) said last year that contract terms of providers can be secretive and opaque, and called for standards to ensure they are resilient.
The ministry said it proposed to designate which outsourced services are “critical” and therefore come under direct supervision of the BoE and Financial Conduct Authority.
The designation would be backed by secondary legislation, allowing regulators to make rules on the provision of services, make onsite inspections, and take enforcement action.
“This will enable the regulators to ensure that services critical third parties provide to firms in the finance sector are resilient, thereby reducing the risk of systemic disruption,” the finance ministry said in a statement.
Last month, the European Union reached provisional agreement on its set of rules https://www.consilium.europa.eu/en/press/press-releases/2022/05/11/digital-finance-provisional-agreement-reached- on-dora for third party service providers, called the Digital Operational Resilience Act or DORA. (Reporting by Huw Jones Editing by Toby Chopra and Mark Potter)