Cookie policy: This site uses cookies (small files stored on your computer) to simplify and improve your experience of this website. Cookies are small text files stored on the device you are using to access this website. For more information on how we use and manage cookies please take a look at our privacy and cookie policies. Some parts of the site may not work properly if you choose not to accept cookies.

sections

Singapore monetary authority to update cloud guidelines

  • Print
  • Share
  • Comment
  • Save

MAS effect on Singapore’s financial cloud 

The Monetary Authority of Singapore (MAS) has consulted financial institutions and will update its outsourcing guidelines to reflect MAS’ expectations on the use of cloud computing services, according to Singapore trade and industry minister Lim Hng Kiang,

As well as holding the trade and industry portfolio, Lim is the deputy chairman of MAS, Singapore’s central bank and financial regulatory authority. He announced the updates in a speech made at a banking industry dinner last week.

mas monetary authority of singapore lead

Source: Monetary Authority of Singapore

Cloud benefits

“MAS recognizes cloud services can offer various benefits such as scalability and advanced functionalities, and is amenable to banks leveraging on cloud services to fulfil their business and operational needs,” said the minister. “MAS expects banks to ensure that their risk management measures are commensurate with the nature, scope and complexity of the cloud deployment models that they adopt.”

There will be a greater emphasis on the safeguarding of customer information held by banks and its service providers, said Lim, and “outsourcing arrangements involving certain customer information will be subject to a higher standard of care”.

Finally, there will be a greater focus on the outsourcing risk management framework of financial institutions, which MAS will continue to assess and monitor. While the revised guidelines will no longer require FIs to pre-notify MAS of any outsourcing arrangements, FIs will be held responsible for ensuring the safety of all of their outsourcing arrangements.

A growing number of guidelines and standards have been developed over the years to address cloud resilience and security in Singapore. Just earlier this year, the Infocomm Development Authority (IDA) had unveiled a set of Cloud Outage Incident Response (COIR) guidelines that tells enterprises and cloud service providers (CSPs) how to respond to a cloud outage.

Separately, the Multi-Tier Cloud Security (MTCS) standard was developed by the Information Technology Standards Committee (ITSC) in 2013 to help businesses understand the different cloud service providers’ (CSPs) offerings better by certifying their security practices.

In addition, MAS had also published a set of Technology Risk Management Guidelines, which is a set of specifications for FIs that spans from cyber security to physical infrastructure to mitigate physical threats.

Have your say

Please view our terms and conditions before submitting your comment.

required
required
required
required
  • Print
  • Share
  • Comment
  • Save

Webinars

More link