BaFin Cloud Outsourcing Guidance
The Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) is responsible for the supervision of all banks, credit institutions, insurers, funds and financial institutions in Germany. Its objective is to ensure the functioning, stability and integrity of the German financial market. BaFin issued guidance on outsourcing to cloud service providers (BaFin Cloud Outsourcing Guidance) to create greater transparency into the supervisory assessment of cloud outsourcing.
The BaFin Cloud Outsourcing Guidance provides specific outsourcing guidance for financial institutions on contractual terms, including information and audit rights, the right to issue instructions, data security / protection, termination and chain outsourcing.
Google Cloud's contracts for financial institutions in Germany address the requirements in the BaFin Cloud Outsourcing Guidance. We have also created mappings to the BaFin Cloud Outsourcing Guidance for both GCP and Google Workspace to assist you with understanding how we can support you with meeting the requirements and assess us as an outsourced service provider. Google Cloud is committed to addressing these requirements regardless of how financial institutions choose to use our services.