New FCA recommendations for firms outsourcing IT services

In the Financial Conduct Authority’s (FCA’s) recent document entitled ‘Considerations for firms thinking of using third-party technology (off-the-shelf) banking solutions’, it provides a list of questions for regulated firms to consider when using third parties in the delivery of technology services that are critical to the firm’s business operations.

If a firm uses a third party for critical business services, it must comply with the outsourcing requirements in the FCA Handbook at SYSC 8. The aim of these obligations is that firms appropriately manage the operational risk associated with their use of third parties and that such arrangements do not impair the FCA’s ability to regulate the firm.

In practice, the FCA expects firms to have IT services that are effective, resilient and secure and designed to meet business needs. A firm must also be able to provide reasonable assurance that those of its outsource service providers (OSPs) critical to its business will deliver services effectively, resiliently and securely, as well as have arrangements for risk management and oversight of the OSPs to meet regulatory requirements. Crucially, firms retain full accountability for all of their regulatory responsibilities and cannot delegate them to a third party…

Click on the link below to read the rest of the Kemp Little briefing.

Briefings from Kemp Little

View more briefings from Kemp Little

Analysis from The Lawyer

  • sapling

    Profit on the margins

    You don’t have to be a big firm to innovate and thrive in a downturn, as our look at the lower half of the UK 200 shows. We pick 10 inspiring stories

  • Chart4

    Good offices

    Making the most of your office space is a management priority these days, as exclusive new data in the UK 200 reveals


Cheapside House
138 Cheapside

Turnover (£m): 8.50
No. of lawyers: 52