Institutions will need to meet deadlines to conduct a self-assessment of existing outsourcing arrangements, rectify identified deficiencies, and put in place measures to mitigate interim risks where a deficiency is significant.
On 27 July 2016, the Monetary Authority of Singapore (MAS) issued revised Guidelines on Outsourcing (Guidelines) after considering the feedback received in connection with its September 2014 public consultation paper (MAS Consultation Paper) that proposed to raise the standards of institutions’ outsourcing risk management practices.
The Guidelines are not legally binding, but MAS will consider an institution’s implementation of the Guidelines in determining the supervisory conduct of the institution’s board and senior management in the areas of governance, internal controls, and risk management.
Key aspects of the Guidelines include the following:
In implementing the Guidelines, institutions will need to conduct a self-assessment of all existing outsourcing arrangements by 26 October 2016, rectify deficiencies identified in the self-assessments by 26 July 2017, and put in place measures to mitigate interim risks where a deficiency is significant.
A MAS Notice on Outsourcing, which will define a set of minimum standards for outsourcing management, will be issued at a later date.
If you have any questions or would like more information on the issues discussed in this LawFlash, please contact the author, Daniel Yong, a director of Morgan Lewis Stamford LLC, a Singapore law corporation affiliated with Morgan Lewis & Bockius LLP.