Dubai: The UAE Central Bank has issued a new outsourcing regulation for banks.
The new set of rules are part of the regulator’s ongoing efforts to introduce robust regulatory frameworks that safeguard the UAE’s banking sector.
The regulation, which comes into effect one month following the date of publication in the Gazette, aims to ensure banks are appropriately managing risks when outsourcing certain functions. This includes the requirement for mandatory inclusion of board-approved policies for outsourcing activity in banks’ governance frameworks.
Risk management
CBUAE, through the introduction of this regulation, seeks to ensure that banks' approaches to managing the risks inherent in outsourcing arrangements are in line with international practices and contribute in enhancing financial stability.
“Our introduction of the Outsourcing Regulation is testament to CBUAE’s robust efforts to ensure the integrity of banks’ risk management frameworks and operational stability,” said Khaled Mohamed Balama, Governor.
Under the Regulation, banks operating in the UAE must obtain a notice of no-objection from CBUAE prior to outsourcing any activity.
Protecting consumers
A key principle underpinning this regulation is that a bank’s outsourcing arrangements should not impair its ability to fulfil its obligations to consumers and to CBUAE, nor impede on CBUAE’s supervisory provisions.
As stipulated by the regulation, it must be ensured that banks’ consumers confidential data must not be shared outside the UAE without prior approval from both CBUAE and the concerned consumer.
“The central bank prioritises the utmost importance to data protection and risk management by issuing directives that govern and safeguard banks and their consumers, in line with international standards and best practice,” he added. “We are confident this regulation will amplify the ability of banks operating within the UAE to mitigate potential threats from outsourcing activities.”