Skip to main content
Response to consultation on draft Guidelines on outsourcing
Go backQ1: Are the guidelines regarding the subject matter, scope, including the application of the guidelines to electronic money institutions and payment institutions, definitions and implementation appropriate and sufficiently clear?
Please see the document attached.Q2: Are the guidelines regarding Title I appropriate and sufficiently clear?
Please see the document attached.Q3: Are the guidelines in Title II and, in particular, the safeguards ensuring that competent authorities are able to effectively supervise activities and services of institutions and payment institutions that require authorisation or registration (i.e. the activities listed in Annex I of Directive 2013/36/EU and the payment services listed in Annex I of Directive (EU) 2366/2015) appropriate and sufficiently clear or should additional safeguards be introduced?
Please see the document attached.Q4: Are the guidelines in Section 4 regarding the outsourcing policy appropriate and sufficiently clear?
Please see the document attached.Q5: Are the guidelines in Sections 5-7 of Title III appropriate and sufficiently clear?
Please see the document attached.Q6: Are the guidelines in Sections 8 regarding the documentation requirements appropriate and sufficiently clear?
Please see the document attached.Q7: Are the guidelines in Sections 9.1 regarding the assessment of criticality or importance of functions appropriate and sufficiently clear?
Please see the document attached.Q8: Are the guidelines in Section 9.2 regarding the due diligence process appropriate and sufficiently clear?
Please see the document attached.Q9: Are the guidelines in Section 9.3 regarding the risk assessment appropriate and sufficiently clear?
Please see the document attached.Q10: Are the guidelines in Section 10 regarding the contractual phase appropriate and sufficiently clear; do the proposals relating to the exercise of access and audit rights give rise to any potential significant legal or practical challenges for institutions and payment institutions?
Please see the document attached.Q11: Are the guidelines in Section 11 regarding the oversight on outsourcing arrangements appropriate and sufficiently clear?
Please see the document attached.Q12: Are the guidelines in sections 12 regarding exit strategies appropriate and sufficiently clear?
Please see the document attached.Q13: Are the guidelines in Section 13 appropriate and sufficiently clear, Iin particular, are there any ways of limiting the information in the register which institutions and payment institutions are required to provide to competent authorities to make it more proportionate and, relevant? With a view to bring sufficient proportionality, the EBA will consider the supervisory relevance and value of a register covering all outsourcing arrangements within each SREP cycle or at least every 3 years in regard of the operational and administrative burden.
Please see the document attached.Q14: Are the guidelines for competent authorities in Title V appropriate and sufficiently clear?
Please see the document attached.Q15: Is the template in Annex I appropriate and sufficiently clear?
Please see the document attached.Q16: Are the findings and conclusions of the impact assessments appropriate and correct; where you would see additional burden, in particular financial costs, please provide a description of the burden and to the extent possible an estimate of the cost to implement the guidelines, differentiating one-off and ongoing costs and the cost drivers (e.g. human resources, IT, administrative costs, etc.)?
Please see the document attached.Name of organisation
Bitkom
