UK to regulate cloud service providers to protect financial system


The UK is to regulate the biggest cloud service providers, including Microsoft and Google, in a move designed to protect the countryโ€™s financial system.

The Treasury said on Friday that it has designated for global cloud services and technology firms โ€“ Microsoft, Google, Amazon Web Services and Oracle โ€“ as critical third parties (CTP).

This means the firms will face oversight from the Bank of England, Prudential Regulation Authority and Financial Conduct Authority related to their services for the financial sector.

Regulators will be responsible to ensuring the firms have robust arrangements in place to identify, manage and recover from operational issues affecting critical services used across the finance sector.

Google is facing further legal action in the UK on behalf of advertisers (Alamy/PA)
Google is facing further legal action in the UK on behalf of advertisers (Alamy/PA) (Alamy/PA)

Policymakers hope the move will mark a significant step in strengthening the resilience of the UKโ€™s financial system.

It indicated that further providers could be designated over time in order to help improve resilience.

Economic Secretary to the Treasury and City Minister Rachel Blake said: โ€œWe are a world-leading financial centre and maintaining trust in our financial system is essential to its success.

โ€œThese designations will help ensure the critical services financial firms rely on remain resilient, protecting consumers and businesses while supporting growth across the economy.โ€

Freddy Dezeure, deputy chief information security officer for Europe at Microsoft, said: โ€œFor more than 40 years, Microsoft has worked closely with UK Government agencies to help support citizens, improve services and secure and enhance the resilience of the digital ecosystem.

โ€œThe designation of Microsoft Ireland Operations Limited as a critical third party marks a new chapter in this relationship and Microsoft remains fully committed to complying with the relevant oversight requirements and the UKโ€™s cybersecurity and resilience laws.โ€

A Google Cloud spokesperson said: โ€œWe are confident that, with effective implementation and meaningful industry engagement, this new CTP framework can enhance the long-term resilience of the UKโ€™s financial ecosystem and increase understanding, transparency and trust between all parties.โ€

Michael Jefferson, head of financial services public policy for EMEA at AWS, said: โ€œAWS supports the objectives of the UK authorities to ensure a robust UK financial system.

โ€œAWS will comply with all applicable regulations and we remain committed to helping customers to meet their business and operational resilience objectives.โ€

Kevin Kimber, senior vice president general manager UK&I at Oracle, said: โ€œOracle supports the UK Governmentโ€™s important objective of enhancing the operational resilience of the UK financial sector.

โ€œWe are committed to working closely with the regulators and our financial services customers toward that objective, while also supporting the Government in accelerating innovation and promoting long-term economic growth.โ€

Leave comment

Your email address will not be published. Required fields are marked with *.