The Financial Conduct Authority (“FCA”)
is responsible for regulating the conduct of financial
services firms and financial markets in the United Kingdom,
in addition to being a prudential supervisor and setting
standards for the firms it regulates.
The FG16/5 Guidance for firms outsourcing to the cloud and other third-party IT services (“FG16/5”)
clarifies the requirements on regulated firms when
outsourcing to the cloud and other third party IT services.
FG 16/5 provides specific guidance on: risk management, due
diligence, monitoring and oversight, data security, audit
and effective access to data, continuity and business
Google Cloud’s contracts for financial institutions in the
UK address the requirements in FG16/5. We have also created
mappings to the guidelines for both GCP and Google Workspace
to assist you with understanding how we can support you with
meeting the requirements and assess us as an outsourced
service provider. Google Cloud is committed to addressing
these requirements regardless of how financial institutions
choose to use our services.