One of Australia's main financial regulators has issued a blunt general warning to the entire financial services sector regarding cloud computing services, warning that the 'innocuous' nature of such services could mask hidden concerns about offshoring.
The Australian Prudential Regulatory Authority oversees banks, credit unions, building societies and insurance companies and, along with sister regulators like the Australian Securities and Investments Commission, is one of the main government instruments for maintaining the stability of Australia's financial system.
In an open letter to its entire constituency issued yesterday (PDF), APRA wrote that the use of cloud computing was not yet widespread in the financial services industry, but several organisations were considering, or already utilising, selected cloud computing services '” with examples including email, instant messaging, scheduling, collaboration and customer relationship management applications.
'While these applications may seem innocuous, the reality is they may form an integral part of an institution's core business processes, including both approval and decision-making, and can be material and critical to the ongoing operations of the institution,' Puay Sim, the regulator's general manager of its supervisory support division, wrote.
Sim added that the institutions it regulated 'do not always recognise the significance of cloud computing initiatives' and 'fail to acknowledge the outsourcing and/or offshoring elements in them' '” which could be a risk.