Bank of England warns sector is too reliant on "secretive" cloud providers
The organisation has called for greater regulation of the services cloud providers offer financial institutions
The Bank of England (BoE) has warned about the financial sector's increasing reliance on "secretive" cloud service providers that operate online servers.
In its latest survey on the state of financial systems, the BoE expressed concerns that the UK's banks are moving more and more of their administration and accounts online, warning that this "could pose a risk to financial stability".
The BoE has previously raised concerns that the market for cloud services is highly concentrated, with companies such as Microsoft and Amazon Web Services (AWS) heavily dominating. Ministers have also previously questioned the government's own reliance on those two tech giants.
However, the organisation's concerns have been repeated due to the pandemic, which has seen financial institutions accelerate digital transformation plans and increase their reliance on cloud service providers (CSPs).
In a news conference, BoE Governor Andrew Bailey expressed his concerns about the "secretive" nature of these CSPs, saying that while he "understood cloud providers' desire not to reveal too much publicly about their operations in case it opened the door to cyber attacks, firms needed to give more information to regulators and customers."
"That concentrated power on terms can manifest itself in the form of secrecy, opacity, not providing customers with the sort of information they need to monitor the risk in the service," he said, according to Reuters.
The secure cloud configuration imperative
The central role of cloud security posture managementDownload now
The Prudential Regulation Authority and Financial Conduct Authority have recently strengthened regulations regarding operational resilience and third-party risk management, according to the BoE, but the increasing reliance on a small number of CSPs could increase financial stability risks without greater direct regulatory oversight of the resilience of those provider's services.
"The Financial Policy Committee (FPC) is of the view that additional policy measures to mitigate financial stability risks in this area are needed, and welcomes the engagement between the Bank, FCA and HM Treasury on how to tackle these risks," the Bank of England said in its report.
"The FPC recognises that absent a cross-sectoral regulatory framework, and cross-border co-operation where appropriate, there are limits to the extent to which financial regulators alone can mitigate these risks effectively."
B2B under quarantine
Key B2C e-commerce features B2B need to adopt to surviveDownload now
The top three IT pains of the new reality and how to solve them
Driving more resiliency with unified operations and service managementDownload now
The five essentials from your endpoint security partner
Empower your MSP business to operate efficientlyDownload now
How fashion retailers are redesigning their digital future
Fashion retail guideDownload now