The UK Treasury released a policy paper on Wednesday (June 8) proposing a new regulatory framework that would provide the Bank of England (BoE) and the Financial Conduct Authority (FCA) with new powers to oversee tech firms that provide critical services to the financial industry.
The government is concerned about the growing dependence of banks on cloud computing, as these services are mostly provided by a handful of players. As of 2020, over 65% of U.K. firms used the same four cloud providers for cloud infrastructure services, according to the Treasury statement.
If many firms rely on the same third party for material services and this company fails, it could have a systemic impact across the financial system, the paper argues.
The government doesn’t cite by name which non-financial companies may be “critical” for the industry, but Amazon and Microsoft are two of the companies that may be affected by this regulation. The financial regulators’ current powers are not sufficient to tackle the systemic risks that disruption at a third party providing key services to multiple firms could cause, so the Treasury is proposing new legislation to address this concern.
First, the Treasury, in consultation with the BoE and the FCA, will designate certain third parties as “critical.” The policy paper doesn’t offer information about the criteria that regulators will use to designate a company as “critical,” only that it will take into account “the number and type of services and the materiality of these services.”
These criteria will be set out in primary legislation, and it is expected that the third parties affected could also make representations to the Treasury about this designation.
Second, once a company has been designated as “critical,” the financial regulators will be able to make rules relating to the provision of these material services, gather relevant information from critical third parties and take formal action (including enforcement) where needed. More information about these powers is expected via primary legislation, but the Treasury advances that the regulators will be able to enter companies’ premises as part of an investigation, request information and require the production of documents.
The paper doesn’t include all the potential penalties for the companies if they don’t comply with the regulator’s requests, but as a last resort, the government is considering granting regulators the power to prohibit a critical third party from providing future services or continuing to provide services to firms.
The government’s next steps are to propose new legislation and publish a discussion paper on this topic shortly after such legislation is introduced. Legislation could be passed within this parliamentary session that started in May as the government included this plan in the Queen’s speech, which usually determines the laws that will be discussed in a parliamentary session.
Want more news? Subscribe to CPI’s free daily newsletter for more headlines and updates on antitrust developments around the world.