EMEA | Financial services

EIOPA cloud outsourcing guidelines

The European Insurance and Occupational Pensions Authority ("EIOPA") is an independent EU Authority that works to foster financial stability and confidence in the insurance and pensions markets. The EIOPA Guidelines on Outsourcing to Cloud Service Providers ("EIOPA cloud outsourcing guidelines") specify the internal governance arrangements that insurance and re-insurance undertakings within EIOPA’s mandate should implement when they outsource functions to cloud service providers. The guidelines clarify how the requirements in Directive 2009/138/EC (Solvency II Directive) and Commission Delegated Regulation (EU) No 2015/35 (Delegated Regulation) apply when outsourcing to a cloud service provider.

The EIOPA cloud outsourcing guidelines provide specific guidance on the contractual relationship between undertakings and their cloud service providers, including requirements around sub-outsourcing, security, access, information and audit rights, and termination rights.

Google Cloud’s contracts for undertakings in Europe address the contractual requirements in the EIOPA cloud outsourcing guidelines. We have also created mappings to the guidelines for both GCP and Google Workspace to assist you with understanding how we can support you with meeting the requirements and assess us as an outsourced service provider. Google Cloud is committed to addressing these requirements regardless of how undertakings choose to use our services.


ISO/IEC 27001

Learn more

ISO/IEC 27017

Learn more

ISO/IEC 27018

Learn more