The Bank’s outsourcing and third party risk management policy for FMIs aims to:
- facilitate greater resilience and adoption of the cloud and other new technologies as set out in the Bank of England’s response to the Future of Finance (FoF) report;
- set out the Bank’s requirements and expectations in relation to outsourcing and third party risk management in FMIs; and
- complement the Bank’s Supervisory Statements on FMI operational resilience.
The policy has been issued in the form of Supervisory Statements (SSs) for central counterparties (CCPs), central securities depositaries (CSDs) and recognised payment system operators (RPSOs) & specified service providers (SSPs) and they set out the Bank of England’s requirements and expectations relating to FMIs’ outsourcing and third party risk management. The Bank also issued an outsourcing and third party risk management part to be added to the Code of Practice applying to relevant RPSOs and SSPs.
The finalisation of this policy follows the Bank’s consultation on this topic in 2022.
The Bank of England has published:
- A Policy Statement (PS) which provides feedback to responses to the three CPs published in April 2022
- Three SSs for outsourcing and third party risk management for each category of FMI
- An outsourcing and third party risk management part to add to the Code of Practice applying to relevant RPSOs and SSPs