Financial firms toil to meet new EU rules on outsourcing

Negotiating right to audit vendors, including cloud providers, seen as toughest requirement

The brief of bank operational risk managers is changing rapidly. Where once they spent their days fretting about internal systems, now they face a galaxy of potential points of failure and back doors for cyber attackers across thousands of third-party service providers. And regulators have made it increasingly clear that banks cannot delegate responsibility without maintaining a strict level of oversight.

In its latest guidelines on outsourcing, the European Banking Authority (EBA) requires

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact or view our subscription options here:

You are currently unable to copy this content. Please contact to find out more.

Sorry, our subscription options are not loading right now

Please try again later. Get in touch with our customer services team if this issue persists.

New to View our subscription options

You need to sign in to use this feature. If you don’t have a account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here