EMEA | Financial services

FG16/5 - FCA

The Financial Conduct Authority (“FCA”) is responsible for regulating the conduct of financial services firms and financial markets in the United Kingdom, in addition to being a prudential supervisor and setting standards for the firms it regulates.

The FG16/5 Guidance for firms outsourcing to the cloud and other third-party IT services (“FG16/5”) clarifies the requirements on regulated firms when outsourcing to the cloud and other third party IT services. FG 16/5 provides specific guidance on: risk management, due diligence, monitoring and oversight, data security, audit and effective access to data, continuity and business planning.

Google Cloud’s contracts for financial institutions in the UK address the requirements in FG16/5. We have also created mappings to the guidelines for both GCP and Google Workspace to assist you with understanding how we can support you with meeting the requirements and assess us as an outsourced service provider. Google Cloud is committed to addressing these requirements regardless of how financial institutions choose to use our services.

ISO/IEC 27001

Learn more

ISO/IEC 27017

Learn more

ISO/IEC 27018

Learn more