Earlier this week, the Central Bank published its Outsourcing-Findings and Issues for Discussion (the "Paper").
The Paper is divided into two parts. The first part details its findings of the cross-sectoral review that it has conducted on outsourcing arrangements. The second part of the Paper requires regulated firms to consider a number of key risks and evolving trends relating to outsourcing and asks for feedback from industry to specific questions relating to these risks.
What is outsourcing?
The Central Bank describes outsourcing as "a written agreement of any kind between a regulated financial service provider and a service provider (whether regulated or unregulated) whereby the service provider performs an activity which would otherwise be performed by the regulated firm itself." Therefore activities which are not regulated by the Central Bank also fall within the scope of outsourcing. Furthermore, in the Paper the Central Bank draws no distinction between outsourcing to intragroup entities and outsourcing to third party service providers.
It is worth noting at the outset that the Central Bank has explained that the term "outsourcing" is used in place of other terms which may be used in specific sectors such as "delegation". Therefore those sectors which currently impose rules relating to delegation instead of outsourcing will also fall within the scope of the Paper.
Next steps for regulated firms
Review of existing outsourcing risk management framework
In light of the "disappointing" findings from its review, the Central Bank has made clear that it expects all regulated firms to analyse the Paper and "take appropriate steps to address issues relevant to their outsourcing practices". It has also stated that Central Bank supervisors "will seek evidence of updates to risk management frameworks to ensure that the paper was considered and an examination of outsourcing was conducted".
What follows is a brief overview of some of the key areas which regulated firms should focus on when conducting a review of the arrangements in place with outsourced service providers ("OSP"). These can be categorised under the headings of governance, risk management and business continuity.
Board Awareness: Is the Board and senior management fully aware of the scale of existing and proposed outsourcing arrangements and associated risks? Outsourcing Policy: Does the firm have a documented and comprehensive outsourcing policy in...
Central Bank Of Ireland Publishes Findings Of Review Into Outsourcing Arrangements
|Author:||Mr Cillian Bredin|
To continue readingREQUEST YOUR TRIAL