UK to regulate cloud service providers Microsoft, Google and others to protect financial stability


FILE PHOTO: A view shows a Microsoft logo at Microsoft offices in Issy-les-Moulineaux near Paris, France, March 25, 2024. REUTERS/Gonzalo Fuentes/File Photo

LONDON, July 10 (Reuters) - Britain ⁠has designated cloud service providers Microsoft, Google, Amazon ⁠and Oracle as critical third-party suppliers to its ‌financial sector, bringing them under direct regulatory oversight.

The move is aimed at strengthening the resilience of financial firms by reducing the risk of ​widespread disruption from cyber attacks or ⁠technology outages.

"As banks, insurers and ⁠financial market infrastructures become increasingly reliant on cloud services, disruption ⁠at ‌a major supplier could affect multiple firms at the same time, potentially impacting services customers ⁠depend on," the government said in a statement ​on Friday.

The government ‌designated Microsoft Ireland Operations Ltd, Google Cloud EMEA ⁠Ltd, Amazon ​Web Services EMEA SARL, and Oracle Corporation UK Ltd as critical third parties, effective July 13.

The firms will be supervised jointly ⁠by the Bank of England, the ​Prudential Regulation Authority and the Financial Conduct Authority. They will be required to undergo resilience testing, conduct regular self-assessments and ⁠report major incidents.

Britain's approach contrasts with that of the European Union, which in November designated 19 technology and services firms under a similar framework.

A Google Cloud spokesperson said: "With ​effective implementation and meaningful industry engagement, ⁠this new Critical Third Party framework can enhance the long-term ​resilience of the UK's financial ecosystem ‌and increase understanding, transparency, and ​trust between all parties."

(Reporting by Phoebe Seers and Muvija M. Editing by William James and Mark Potter)

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Others Also Read