UK’s Financial Conduct Authority issues guidance on cloud

On 7 July 2016, the UK’s Financial Conduct Authority (FCA) issued finalised guidance for authorised UK financial institutions use of cloud services. In a marked contrast to some other jurisdictions’ approach, this guidance is issued against a policy backdrop of FCA’s ‘Project Innovate’ which is a initiative to foster innovation and competition. The FCA say:

Read moreUK’s Financial Conduct Authority issues guidance on cloud

Hong Kong privacy regulator recognises ISO/IEC 27018

This guest post is written by @matthew1hunter and @aisling1odwyer. Regular readers of this blog will know we have been tracking the impact of ISO/IEC 27018:2014 –Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors (ISO/IEC 27018). We see this as the go-to standard for customers of public … Read more

Korea leads the world with cloud law encouraging cloud use

On 3rd March 2015, Korea passed the world’s first cloud-specific law, with the stated aim of driving the adoption of cloud computing in Korea. But what are the practical implications for cloud customers and cloud services providers in Korea?   This guest post is written by Daniel Jung and @matthew1hunter. When does the Korean Cloud Act come into force? … Read more

Are Singapore’s Monetary Authority’s proposed outsourcing rules clear enough?

The Monetary Authority of Singapore  (“MAS“) is consulting on a new notice and guidelines on outsourcing. Having already commented on its positive message for cloud services, this post addresses the rest of the consultation. In summary, we think: MAS’s proposals are generally positive and helpful. However, in some areas more clarity could be provided. Background MAS first issued its ‘Guidelines on Outsourcing’ in 2004 … Read more

MAS Embraces Cloud: A Silver Lining

There should be relief at the moment felt by financial institutions and cloud service providers alike, following the release of the MAS’s consultation on the proposed new outsourcing notice and updated guidelines as mentioned in Rob’s previous post. The MAS doesn’t use the word “cloud” expressly in its consultation.  However, the MAS has made important changes … Read more

Singapore launches new cloud security standard

Singapore’s Infocomm Development Authority (IDA) has launched a new cloud security standard: Multi-Tier Cloud Security (MTCS) Standard For Singapore (SS 584). The IDA explains that the objective of the standard is: “to provide businesses with greater clarity on the levels of security offered by different cloud service providers (CSPs).” Objectives The IDA’s fact sheet explains that: [Customer … Read more