Guide to secure cloud banking
Swiss banks are very interested in the subject of cloud computing, but they have so far been reluctant to migrate their data – especially client data – to the cloud. This is because certain questions regarding the legal and regulatory frameworks remain unanswered.
The SBA set up a working group with the aim of creating clarity on these points. With its focus on providing a legally non-binding aid to interpretation in practice, it identified four areas that are of central importance when it comes to migrating to the cloud:
- choosing a cloud provider and its subcontractors
- processing data on bank clients and banking secrecy
- transparency and collaboration between institutions and cloud providers with regard to measures ordered by the authorities and the courts
- auditing the cloud services and the cloud infrastructure used to deliver them
These legally non-binding recommendations in four areas are intended to offer banks in Switzerland a solid foundation on which to ensure compliance in cloud banking. Each institution must decide for itself whether and how it migrates data to the cloud.
For an introduction to this forward-looking topic, please see the video explaining cloud banking and discussions on the SBA’s Twitter and LinkedIn profiles.