As a result of the new outsourcing rules and guidelines for financial companies, including the Outsourcing Executive Order for credit institutions, etc., and EIOPA's guidelines for cloud outsourcing, you as a Compliance Officer may find yourself in the middle of a regulatory jungle, lacking overview.
Together with Plesner Advokatpartnerselskab's leading experts in cloud outsourcing, we have developed a strong compliance solution that gives you clarity, an overview and an action plan.
Define, monitor and document all your outsourcing arrangements in one place to eliminate inefficient work across excel sheets.
We have turned the executive order of outsourcing into a clear and structured questionnaire that reflects the requirements of the Outsourcing Executive Order.
Once you are compliant we’ll assets you maintain your controls by automating them to move the manual burden from your shoulders.
All your needs in a seamless compliance solutionLet's talk
In collaboration with the experts from Plesner Advokatpartnerselskab, RISMA has developed a solution to help insurance companies and pension funds put the management of cloud outsourcing into a system and thus comply with EIOPA's guidelines for cloud outsourcing.
The solution takes into account the existing requirements for outsourcing in the Solvency II Regulation. Organizations subject to both EIOPA and EBA guidelines can benefit from using the solution to handle all organizational outsourcing events.
In collaboration with IT and outsourcing experts from Plesner Advokatpartnerselskab, we have developed an outsourcing solution that can help your organization ensure compliance with the Outsourcing Executive Order for financial organizations such as banks, investment companies, etc.
In short, our outsourcing solution is designed to help you become compliant through guidance and a set of practical tasks. For instance, the experts from Plesner have transformed the entire executive order as questions and contributed with content to the gap analysis tool, the assessment tool, action plans, and the control catalog.
The outsourcing solution also ensures that you have a complete overview of all employees’ tasks across departments and systems.
You can map and get an overview of the scope of the organization's outsourcing work, including suppliers, systems, and policies.
Through a clear and structured questionnaire that reflects the many requirements of the Outsourcing Executive Order, you and your colleagues collect relevant information about each outsourcing event.
The solution will support your assessments, including whether the outsourcing arrangement is important or critical. The gap analysis can show whether, for example, risk assessments performed are in accordance with the Executive Order.
You get an overview of which areas require mitigating actions. You can also monitor your efforts and maintain your compliance with ongoing controls of, for instance, suppliers.
Generate relevant reports at any time to document your efforts to relevant stakeholders. For example, you can extract the statutory register of outsourcing arrangements to the Danish FSA.
Our outsourcing solution is developed with an intuitive user interface, making it is easy to work with. However, this does not preclude the need for good help to ensure optimal implementation in the organization.
To get the best possible start, our Customer Success team is ready to help your organization get started with a well-organized process. You also have the possibility of receiving ongoing support, so you get the most out of using our solution.
Power your organisation by connecting data, teams, action and reporting in an integrated GRC platform.
Whether you deploy one, two, or all our solutions, RISMA GRC platform provides great value by boosting collaboration, increasing visibility, and saving time for everyone involved.
Yes, RISMA's outsourcing solution allows you to meet the registry requirements for both regular outsourcing and important or critical outsourcing arrangements.
The solution allows you to hand over the register in an electronically readable form to the Danish Financial Supervisory Authority, which is a requirement according to the new outsourcing notice.
Previously, it has been customary for financial companies to handle their outsourcing arrangements in Excel and other systems. However, the new outsourcing requirements impose far more restrictions for each outsourcing arrangement – including arrangements that are defined as non-important or non-critical.
This also includes stricter requirements for documentation of all assessments you make. In addition to this, you also need to provide information from your new register in an electronically readable format to the Danish Financial Supervisory Authority.
Read the outsourcing guidelines that reflect EBA's guidelines.
At the same time, it has become clear that you need to have more active control of your suppliers - both to comply with the outsourcing rules and GDPR.
Many users find that the ability to document, record, and monitor outsourcing arrangements becomes less complex and more accurate when they choose to get a system that supports their outsourcing management.
Additionally, you ensure that the entire organization can collaborate on the individual arrangement. For instance, it is often necessary to involve procurement, risk, IT security, law, etc. in the process and contact arrangement if changes occur in your organization.
The new outsourcing rules also include requirements for outsourcing arrangements that are not important or critical.You need to:conduct a risk assessment of all outsourcing arrangementsmake sure you meet the requirements of the outsourcing contracts, including termination access in the contractregister all outsourcing arrangements in your register.
The outsourcing requirements covers a wide range of obligations. Below are just a few of the essential aspects: