The Bangko Sentral ng Pilipinas (BSP) is proposing new regulations for both banks and non-banks’ outsourcing and IT risk management that aim to streamline the process.

The BSP’s draft circular has been released to the industry for comments and recommendations and has given them until June 21 to submit their inputs.

The proposed circular tweaked the rules for the management and contracting of third-party outsourcing such as only banks with a CAMELS/SAFr composite rating of at least “3” will be allowed to outsource designated activities without prior BSP approval. It has removed the requirement of a management rating of not lower than “3” in this rule.

There were also changes in the material outsourcing arrangements in that the BSP will no longer need other BSP department approval nor would it need to approve a bank’s outsourcing arrangements based on its ability to manage risks.

This applies to the following: new outsourcing arrangements; changes in existing material outsourcing arrangements that have significant impact in the delivery of outsourcing services; and changes in existing outsourcing arrangements resulting in the reclassification of the arrangements as material such as, but not limited to those affecting the nature, scope, and complexity of systems and processes.

The proposed amendments to the existing circular also addressed governance and management of outsourcing risks, compliance with BSP regulations, legal issues, due diligence, security and privacy, and business continuity planning.


Source: Manila Bulletin (https://mb.com.ph/2021/06/04/bsp-sets-new-outsourcing-it-risk-rules-for-banks/?utm_source=rss&utm_medium=rss&utm_campaign=bsp-sets-new-outsourcing-it-risk-rules-for-banks)