A bill to establish a regulatory body that holds sway over cloud providers, and how banks interact with them, is being proposed to the European Commission today (September 24).

First reported by Politico, the draft law would create an agency that supervises the likes of AWS, Google Cloud, and Microsoft Azure.

European Commission
– dimitrisvetsikas1969 / 15115 images

Cyber Hygiene

The draft document says the reason for creating the agency would be to monitor operational risks derived from the bloc’s reliance on non-EU services. The idea is deemed necessary since banks could impose heavy costs on the bloc's economy in the event they suffer severe ICT disruptions. Due to that damage, the bill proposes bringing Cloud providers, housing an EU bank's data, should be under their supervision.

According to the European Banking Authority, almost two-thirds of banks based out of the EU already house their data on the Cloud.

In terms of funding, the bill suggests the new agency could derive its money from Cloud providers, although this is a proposal and the draft also proposes regular EU funding. In the event the agency is established, then Cloud operators could face large fines if they refuse to cooperate or fall foul of the body.

The move to regulate cloud operations in Europe and how vital institutions interact with them comes as the EU tries to establish Gaia-X, a cloud project which hopes to standardize the Cloud market across the continent and is gaining traction across the EU. It will establish APIs and codify data sovereignty rules for companies to follow as they store data on the Cloud.

Further reading