Draft framework for Financial Services Outsourcing
Elevating Risk Management and Regulatory Compliance
– Team Finserv | finserv@vinodkothari.com
Introduction
Financial institutions are increasingly turning to outsourcing for cost efficiency and achievement of strategic objectives. The need and economics of outsourcing are quite clear as there is increasing specialisation in several functions in the lending journey , particularly, cloud-sourcing, use of shared technology, software and applications, etc. However, this reliance on third-party providers introduces challenges and risks like data protection, security, operational resilience, service continuity, shifting of risks and compliance responsibilities to unregulated entities, raising concerns about maintaining control, risk management, and regulatory compliance. This necessitates regulatory guidelines for regulated institutions, especially when service providers have concentrated functions or engage in regulated activities.
The concerns about outsourcing by financial entities have been a part of regulatory attention for years. In 2005, the Basel Committee framed General Principles on Outsourcing, and it was indicated in 2023 that these principles will be superseded by new outsourcing principles. The European Banking Authority also has comprehensive guidelines on outsourcing IOSCO also has set principles on outsourcing by entities coming within its regulatory domain.
Currently, RBI has different guidelines for outsourcing by different financial institutions. In this article, the author examines the RBI’s recently released Draft Master Direction on Managing Risks and Code of Conduct in Outsourcing of Financial Services (“Proposed Master Direction”/”Draft Master Directions”), intended to repeal the existing guidelines and cover all financial institutions under its gamut, particularly focusing on the major changes, that these Proposed Directions bring with them.. .
Read more →