Britain designated Microsoft Ireland Operations Ltd, Google Cloud EMEA Ltd, Amazon Web Services EMEA SARL and Oracle Corporation UK Ltd as critical third parties under cloud rules, effective July 13. The rule subjects these providers to direct oversight designed to manage operational and compliance risks across banks and insurers.
On July 10, Britain designated Microsoft Ireland Operations Ltd, Google Cloud EMEA Ltd, Amazon Web Services EMEA SARL and Oracle Corporation UK Ltd as critical third parties under its cloud service regulations, effective July 13. This move brings major cloud providers under the UK Prudential Regulation Authority’s direct oversight to bolster resilience in banking, insurance and financial market infrastructures.
As a designated critical third party, Oracle Corporation UK Ltd must meet enhanced notification requirements, conduct operational resilience assessments and submit to potential on-site inspections. These measures could raise Oracle’s compliance costs, require additional governance resources and increase transparency of its cloud services to financial institutions.