SEBI unveils framework for adopting cloud services by stock exchanges

[ad_1]

Cloud computing is the on-demand delivery of IT resources through the internet with pay-to-use charges. Instead of buying and maintaining computer products and services, one can pay to use a cloud computing service saving the time, effort and cost of doing it.

According to the regulator, the cloud framework is a principle-based framework that covers Governance, Risk and Compliance (GRC), selection of Cloud Service Providers (CSPs), data ownership and data localisation, due- diligence by REs, security controls, legal and regulatory obligations, among others.

The Securities and Exchange Board of India (Sebi) on Monday unveiled a framework for the adoption of cloud services by stock exchanges, clearing corporations and other regulated entities (REs) including depositories, stock brokers through exchanges, asset management companies (AMCs) and KYC registration agencies (KRAs).

The cloud framework has been drafted to provide baseline standards of security and for the legal and regulatory compliances by the Regulated Entities (REs). It will be in addition to the existing circulars, guidelines and advisories of Sebi.

“The major purpose of this framework is to highlight the key risks, and mandatory control measures which REs need to put in place before adopting cloud computing. The document also sets out the regulatory and legal compliances by REs if they adopt such solutions,” it said in a circular. The framework will come into force immediately for all new or proposed cloud onboarding assignments or projects of the REs.

Cloud computing is the on-demand delivery of IT resources through the internet with pay-to-use charges. Instead of buying and maintaining computer products and services, one can pay to use a cloud computing service saving the time, effort and cost of doing it.

For REs that are currently availing cloud services should ensure that wherever applicable, all such arrangements are revised and they should be in compliance with the framework within 12 months. In recent times, the dependence on cloud computing for delivering IT services has been on the rise.

“While cloud computing offers multiple advantages viz ready to scale, ease of deployment, no overhead of maintaining physical infrastructure etc., the RE should also be aware of the new cyber security risks and challenges which cloud computing introduces,” Sebi noted.

According to the regulator, the cloud framework is a principle-based framework that covers Governance, Risk and Compliance (GRC), selection of Cloud Service Providers (CSPs), data ownership and data localisation, due- diligence by REs, security controls, legal and regulatory obligations, among others.

© The Indian Express (P) Ltd

[ad_2]

Source link