OM-3.9.4

Location:

Versions

Past version: Effective from 01 Jul 2016 to 30 Sep 2017
To view other versions open the versions tab on the right

For intragroup outsourcing of functions/services containing customer information, the following conditions must be met:

(a) The outsourcing providers must be annually audited by the group internal audit team and the audit findings must be reported to the CBB;

(b) The service level agreement must clearly state that the CBB has the legal right to conduct onsite examinations of the outsourcing provider and such expenses are to be borne by the licensee;

(c) Any report by any other regulatory authority on the quality of controls of the outsourcing provider must be submitted immediately by the retail bank to the CBB; and

(d) Where customer information is shared with the outsourcing provider, prior written customer consent must be obtained.

Added: July 2016