An international watchdog group is cautioning banks about the risks involved with outsourcing key technology. The Financial Stability Board (FSB) warned, in particular, “about the possibility of systemic risk arising from concentration in the provision of some outsourced” services to financial institutions (FIs).
In a press release, the Swiss-based organization said that “these risks may become higher as the number of financial institutions receiving critical services from a given third party increases.” That could mean that a major disruption, outage or failure at one of these third parties “could create a single point of failure with potential adverse consequences for financial stability” for many FIs, the release said.
The financial board noted that FIs have been outsourcing certain work to third parties for decades. However, it added that “in recent years, the extent and nature of interactions with a broad and diverse ecosystem of third parties has evolved, particularly in the area of technology.” FIs’ response to the COVID-19 crisis “highlights the benefits as well as the challenges of managing the risks of financial institutions’ interactions with third parties,” continued the FSB. “The pandemic may have also accelerated the trend toward greater reliance on certain third-party technologies.”
To address some of these issues, the FSB said that FIs must have rigorous outsourcing contracts that give them supervisory rights, along with “appropriate rights to access, audit and obtain information from third parties.” The board warns that these types of contracts “can be challenging to negotiate and exercise, particularly in a multi-jurisdictional context.”
The global group referred FIs to its discussion paper, “Regulatory and Supervisory Issues Relating to Outsourcing and Third-Party Relationships.”
In the era of cloud computing and outsourcing, other industries are looking into these issues as well.
In an interview, Sticky.io Chief Technology Officer Clark Huang told PYMNTS that online merchants should focus in-house work on core business applications. That means keeping full control of how the online merchant works with customers. On the other hand, he said, “trying to develop backend solutions for supporting eCommerce workflows — such as payment systems integrations, third-party fulfillment or re-marketing tools — is not the best use of internal resources.”