The rising importance of cloud services and cloud service providers (CSPs) in finance has caught the attention of policymakers and regulators seeking to reap the benefits of this new technology while mitigating potential risks. The PRA, FCA and Bank of England are said to be working on a draft regulatory text now. The European institutions are finalising DORA – the Digital Operational Resilience Act. Up to now, the adoption of cloud technology has been slower because of the lack of guidance from regulators as regards how they expect systems and controls to look like.
This paper should give you an insight at what regulators are considering right now, what systemic risks there might be – and what the financial services industry should be considering when adopting cloud technology for compliance purposes, such as voice recording.