Bank of England Wants More Oversight Over Cloud Providers Like Amazon or Google
The Bank of England Tuesday raised concerns about the powers acquired by cloud providers in the banking industry, indicating that these new actors of the financial system were a source of potential instability that needed “greater direct regulatory oversight” of the services their provide.
Banks in the past few years have outsourced large chunks of their operations to companies like
“Additional policy measures to mitigate financial stability risks in this area are needed,” the BoE’s twice-yearly Financial Stability Report noted Tuesday. But the bank also acknowledges that without a “cross-sectoral regulatory framework”—i.e. a set of regulations that would include the financial and tech sectors—“there are limits to the extent to which financial regulators alone can mitigate these risks effectively.”
Similar limits apply in the absence of cross-border cooperation on the matter, the BoE notes. Central banks and financial regulators the world over are becoming nervous about the increasing role played by cloud providers in the financial system, notably in light of cyber risks. But so far they have not started to elaborate a set of international principles. Two years ago the Federal Reserve inspected an Amazon site in Virginia, and Fed chair
has voiced his concerns about a cyberattack on the financial system.
And the European Commission, in a “digital finance package” published in September 2020, proposed that cloud providers designed as “critical” be answerable to one of the three European Union watchdogs—for markets, banks or insurers—chosen as “lead overseer.”
Efficient regulation will come, for the big cloud actors, with a price bluntly described Tuesday by BoE governor Andrew Bailey: “We will have to roll some of the secrecy that goes with it back.”