Financial institutions are increasingly in a race to transform their business models and operations to compete in today's digital world, and a key aspect of digital transformation is the transition from traditional IT services to cloud-based solutions. Cloud provides an excellent opportunity for financial institutions to swap capital expenditure for operating expenditure, benefit from flexible consumption models and new technologies, often at lower cost. But cloud implementations by financial institutions may sometimes amount to regulated outsourcing in some jurisdictions. Additionally, the dispersed nature of cloud solutions, with data stored and accessed in multiple jurisdictions, can create compliance challenges under local laws, including in relation to financial services regulation, and data privacy and security laws. The Baker McKenzie Cloud Compliance Center aims to provide a snapshot of the legal and regulatory position of cloud in key jurisdictions of interest for financial institutions, and provide simple answers to a few important headline questions that all financial institutions will need to consider when taking the leap to cloud.
Regulatory burden is based on our assessment of the degree to which regulatory and legal requirements facilitate cloud outsourcing by financial institutions in a multijurisdictional context including complexity, rules on data location / transfer and secrecy laws.