Abu Dhabi (Al-Ittihad) issued Central Bank of the United Arab Emirates The new bank outsourcing system, and the accompanying standards, as part of its continuous efforts to introduce strong regulatory frameworks that govern and protect the banking sector in the UAE in the best possible way. The system, which enters into force a month after its publication in the Official Gazette, aims to ensure that banks carry out appropriate risk management when outsourcing some tasks. This includes the requirement for the mandatory inclusion of the policies and procedures approved by the Board of Directors for the outsourcing of activity, in the frameworks of banking governance.
The Central Bank also seeks through the introduction of this system to verify that the banks’ methodology in managing the risks inherent in outsourcing arrangements is in line with leading international prudential practices to contribute to enhancing financial stability. Under this system, banks operating in the UAE must obtain a no-objection notice from the Central Bank before outsourcing any substantial activity.
His Excellency Khalid Mohammed Balama, Governor of the Central Bank of the UAE, said: “Our introduction of the outsourcing system and accompanying standards is a testament to the continuous efforts made by the Central Bank of the UAE to ensure the integrity of risk management frameworks and operational stability in banks.” He added, “The Central Bank attaches utmost importance to data protection.” And risk management by issuing directives that govern and protect banks and their customers, in line with best practices and international standards.”
“We are confident that this system will increase the ability of banks operating in the country to mitigate potential threats that may accompany outsourcing activities, ensuring that banks continue to protect the security of their institutions and customers,” he said.
One of the main principles on which the system is based is that outsourcing arrangements do not impair the bank’s ability to meet its obligations to its customers and to the Central Bank, or impede effective supervision and control by the Central Bank. As stipulated in the system and the accompanying standards, it must be ensured that confidential data related to bank customers outside the country is not shared without obtaining the prior approval of the Central Bank and the customer of the concerned bank.