scorecardresearch
Bank of England calls for crack down on 'secretive' cloud computing services

Bank of England calls for crack down on 'secretive' cloud computing services

Banks and other financial firms are outsourcing key services to cloud computing companies such as Amazon, Microsoft and Google to improve efficiency and cut costs, with the trend accelerating last year as the COVID-19 pandemic unfolded.

Earlier the BoE's Financial Policy Committee said additional policy measures were needed to mitigate financial stability risks in cloud computing.(Source: Reuters) Earlier the BoE's Financial Policy Committee said additional policy measures were needed to mitigate financial stability risks in cloud computing.(Source: Reuters)

Cloud computing providers to the financial sector can be "secretive", and regulators need to act to avoid banks' reliance on a handful of outside firms becoming a threat to financial stability, the Bank of England said on Tuesday.

Banks and other financial firms are outsourcing key services to cloud computing companies such as Amazon, Microsoft and Google to improve efficiency and cut costs, with the trend accelerating last year as the COVID-19 pandemic unfolded.

The BoE said cloud computing could sometimes be more reliable than banks hosting all their servers themselves. But big providers could dictate terms and conditions - as well as prices - to key financial firms.

"That concentrated power on terms can manifest itself in the form of secrecy, opacity, not providing customers with the sort of information they need to monitor the risk in the service," BoE Governor Andrew Bailey told a news conference. "We have seen some of that going on."

Bailey did not name specific firms he had concerns about.

Earlier the BoE's Financial Policy Committee said additional policy measures were needed to mitigate financial stability risks in cloud computing.

"In terms of the standards of resilience and the testing of those standards of resilience, frankly we will have to roll some of that back, that secrecy that goes with it. It's not consistent with our objectives," Bailey said.

Bailey said the BoE understood cloud providers' desire not to reveal too much publicly about their operations, in case it opened the door to cyber-attacks, but that the firms needed to give more information to regulators and customers.

"We have got to strike a balance here," Bailey said.

The BoE said it welcomed the engagement of the finance ministry and Financial Conduct Authority on how to tackle risks from cloud computing, but that a broader approach may be needed, including other regulators and overseas partners.

Also Read: 'Pandemic risk' finds a place in banks' risk management architecture

Also Read: Pentagon's $10 billion cloud computing deal reversed by Biden administration