In the August issue of the BaFin Journal, Raimund Röseler, Executive Director Banking Supervision, speaks about the current digital threat to the financial industry and what challenges BaFin sees in outsourcing to IT service providers.
According to the expert, Corona is also acting as an accelerator to digitization in the financial industry and brought to light shortcomings in the virtual processes of a number of banks. Most of these are due to carelessness in protecting and sharing data. The supervisory authority sees mistakes being made by both the banks themselves and the IT service providers used for outsourcing.
The compliance hurdles for IT outsourcing are high
As a result, IT service providers in the financial sector are already faced with strict requirements in terms of compliance, IT security, risk management, data protection, and reporting. Few service providers are able to fully meet these requirements. Röseler also calls for direct control and punitive options if needed to force IT service providers to comply with regulatory requirements.
Outsourcing IT security – How banks can overcome the higher hurdles
Service providers under obligation
On the other side, however, IT service providers are also facing challenges. Anyone who wants to be perceived as a reliable partner in the financial industry may not shy away from a visit by BaFin. What’s more, an active exchange of information between IT service providers and the supervisory authority is now required in order to implement increasingly stringent requirements into user-friendly solutions. The financial industry can only benefit from such cooperation when products and service providers that meet BaFin’s requirements are clearly identifiable.