What’s new: China’s top banking and insurance industry regulator is working on new rules designed to contain risks from financial institutions’ information technology (IT) outsourcing practices, Caixin learned.
The China Banking and Insurance Regulatory Commission (CBIRC) recently released for industry comment a set of proposed rules that would introduce new requirements for financial institutions’ hiring of IT outsourcing providers and management of related risks.
The draft rules stipulate that financial institutions retain in-house supervision of IT management, build their own capacity in key technologies, and enhance risk monitoring and oversight of outsourced IT operations, according to documents reviewed by Caixin.
What’s the context: The draft rules reflect financial regulators’ rising concerns over technology-related risks in the financial system
China first put up rules to regulate financial institutions’ IT system management and related risk controls more than 10 years ago. The latest draft further emphasizes institutions’ responsibility for technology risk control and proposes different levels of risk management requirements on different types of technology outsourcing practices.
Contact reporter Han Wei (weihan@caixin.com) and editor Bob Simison (bobsimison@caixin.com).
.png?w=600)
