“A feedback statement has been issued concurrently with the policy document to articulate the bank’s views on several areas of feedback,” it said.
Financial institutions should have strong oversight and control over outsourcing arrangements, as would have been the case if they were performed in-house, it noted.
“The board and senior management shall be accountable for ensuring effective oversight and governance of outsourcing arrangements, supported by a robust outsourcing risk management framework to manage outsourcing risks and ensure compliance with relevant laws, regulations and prudential requirements that relate to outsourced activities.
“In particular, the board and senior management must have regard to the financial institution’s ability to fulfil its obligations to customers, including the ability of customers to obtain redress, and ensure consistency with its recovery and resolution planning," it said.
The policy also states that the board must also approve an outsourcing plan, detailing the financial institution’s planned outsourcing arrangements for the following financial year, before the plan is submitted to the central bank.
“In assessing the plan, the board must have in place mechanisms to obtain assurance from senior management that the requirements set out in this policy document are duly met,” it added.