Bank of England warns sector is too reliant on "secretive" cloud providers

The organisation has called for greater regulation of the services cloud providers offer financial institutions

The Bank of England (BoE) has warned about the financial sector's increasing reliance on "secretive" cloud service providers that operate online servers. 

In its latest survey on the state of financial systems, the BoE expressed concerns that the UK's banks are moving more and more of their administration and accounts online, warning that this "could pose a risk to financial stability". 

The BoE has previously raised concerns that the market for cloud services is highly concentrated, with companies such as Microsoft and Amazon Web Services (AWS) heavily dominating. Ministers have also previously questioned the government's own reliance on those two tech giants. 

However, the organisation's concerns have been repeated due to the pandemic, which has seen financial institutions accelerate digital transformation plans and increase their reliance on cloud service providers (CSPs). 

In a news conference, BoE Governor Andrew Bailey expressed his concerns about the "secretive" nature of these CSPs, saying that while he "understood cloud providers' desire not to reveal too much publicly about their operations in case it opened the door to cyber attacks, firms needed to give more information to regulators and customers."

"That concentrated power on terms can manifest itself in the form of secrecy, opacity, not providing customers with the sort of information they need to monitor the risk in the service," he said, according to Reuters

Related Resource

The secure cloud configuration imperative

The central role of cloud security posture management

The secure cloud configuration imperativeWatch now

The Prudential Regulation Authority and Financial Conduct Authority have recently strengthened regulations regarding operational resilience and third-party risk management, according to the BoE, but the increasing reliance on a small number of CSPs could increase financial stability risks without greater direct regulatory oversight of the resilience of those provider's services. 

"The Financial Policy Committee (FPC) is of the view that additional policy measures to mitigate financial stability risks in this area are needed, and welcomes the engagement between the Bank, FCA and HM Treasury on how to tackle these risks," the Bank of England said in its report. 

"The FPC recognises that absent a cross-sectoral regulatory framework, and cross-border co-operation where appropriate, there are limits to the extent to which financial regulators alone can mitigate these risks effectively." 

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021