Regulatory heads in the Cloud: 'critical third parties' and financial services infrastructure

Financial institutions increasingly rely on third parties outside of their regulated sector to provide key functions and services, like cloud data storage. Yet what systemic risk do these entities pose in the event of failure? Regulators are addressing the issue with new proposals, write Paul Armstrong and Harshil Patel.

Emma Radmore(emma.radmore@wbd-uk.com) is legal director and Paul Armstrong (paul.armstrong@wbd-uk.com) managing associate in Womble Bond Dickinson's London and Newcastle offices. With assistance from Harshil Patel.

HM Treasury has been concerned for some time that financial services firms and financial market infrastructure (FMI) firms are increasingly reliant upon certain third parties operating outside the financially regulated sector to provide key functions or services to support such firms. These functions or services are often outsourced and, although they provide opportunities and benefits, they can also create risks for firms and consumers. Many of these third parties are not directly subject to similar regulation.