Global Trustee and Fiduciary Services Bite-Sized Issue 12 2023

Global Trustee and Fiduciary Services Bite-Sized | Issue 12 | 2023 11 QUICK LINKS AIFMD BENCHMARK REGULATION CBDC COSTS & CHARGES CRYPTOASSETS FUND LIQUIDITY LIBOR TRANSITION MiCA OPERATIONAL RESILIENCE UK PRIIPs SUSTAINABLEFINANCE/ESG ASIA EUROPE IRELAND NORTH AMERICA UNITED KINGDOM The toolkit aims to (i) reduce fragmentation in regulatory and supervisory approaches to third- party risk management across jurisdictions and different areas of the financial services sector; (ii) strengthen financial institutions’ ability to manage third-party risks and financial authorities’ ability to monitor and strengthen the resilience of the financial system; and (iii) facilitate coordination among relevant stakeholders (i.e., financial authorities, financial institutions and third-party service providers). The toolkit promotes comparability and interoperability of regulatory and supervisory approaches across sectors and jurisdictions. It comprises: • A list of common terms and definitions to improve clarity and consistency regarding third-party risk management across financial institutions; • Tools to help financial institutions identify critical services and manage potential risks throughout the lifecycle of a third-party service relationship; and • Tools for supervising how financial institutions manage third-party risks, and for identifying, monitoring, and managing systemic third-party dependencies and potential systemic risks. The FSB has also set out ways to explore greater convergence of regulatory and supervisory frameworks around systemic third-party dependencies; options for greater cross-border information-sharing; and cross-border resilience testing and exercises. Link to the Toolkit here Managing Cloud Risk – Some Considerations for the Oversight of Critical Cloud Service Providers in the Financial Sector On 16 November 2023 the Bank of International Settlements’ Financial Stability Institute (FSI) published an FSI Insight on managing cloud risk - some considerations for the oversight of critical cloud service providers (CSPs) in the financial sector. The paper notes the predominance of a small number of CSPs and that this exacerbates the risks associated with the use of the cloud by financial institutions. The paper goes on to identify some considerations for financial authorities when introducing direct oversight frameworks for critical CSPs. Link to the Paper here FEMA and CISA Release Joint Guidance on Planning Considerations for Cyber Incidents On 7 November 2023 the US’s Federal Emergency Management Agency (FEMA) and the Cybersecurity and Infrastructure Security Agency (CISA) released the joint guide Planning Considerations for Cyber Incidents: Guidance for Emergency Managers to provide state, local, tribal, and territorial (SLTT) emergency managers with foundational knowledge of cyber incidents to increase cyber preparedness efforts in their jurisdictions. The Guidance says emergency managers should be able to understand and prepare for the potential impacts of cyber incidents on their communities and emergency operations. FEMA and CISA encourage emergency managers to review this guide for recommendations on how to plan for and respond to cyber incidents. Link to the Guide here