IOSCO proposes updated Outsourcing Principles as Covid-19 drives operational resilience to the top of the agenda

Having initially delayed its planned consultation exercise to allow the financial services sector to focus on responding to Covid-19, the International Organization of Securities Commissions (IOSCO) subsequently found the pandemic a catalyst to proceed. Therefore, at the end of May, IOSCO launched its consultation on proposed updates to the 2005 Outsourcing Principles for Market Intermediaries and the 2009 Outsourcing Principles for Markets; feedback on the proposed new Outsourcing Principles (OPs) is requested on or before 1 October 2020. The decision to proceed reflects the acknowledgement that outsourcing is a key element for consideration when assessing operational resilience across the sector.

This post gives a high level summary of the consultation, with a link to our briefing that focuses in more detail on: the scope of application; IOSCO’s definition of outsourcing; intragroup arrangements; concentration risk; and access and audit rights. To provide additional context to IOSCO’s proposals, the associated briefing also catalogues relevant proposals and initiatives which are running concurrent to the consultation exercise.

Continue reading

Digital Economy Act 2017: The pick ‘n’ mix assortment of provisions receives Royal Assent

The Digital Economy Act (the “Act“) finally received Royal Assent on 27 April 2017 and the final text has recently been published. First introduced in the House of Commons in July 2016, it has been the subject of much scrutiny and debate by both Houses of Parliament. With the General Election looming, the legislation was passed in a final sweep as part of the so-called “wash up” period before the dissolution of Parliament.

Continue reading

Are you ready to deal with cyber risk?

An organisation’s confidential information and the personal data of their customer base is a valuable commodity. Combine this with an increased reliance on doing business in a digital world and the regulatory scrutiny surrounding cyber breaches, organisations big and small need to tackle the cyber risk proactively within a broader context of crisis prevention and management.

Continue reading