Home   Browse contents   View updates   Search  
     Quick search
Go
   

Dubai Financial Services Authority (DFSA): Contents

Dubai Financial Services Authority (DFSA)
Laws
Rulebook Modules
Prudential — Investment, Insurance Intermediation and Banking Module (PIB) [VER33/02-19]
Sourcebook Modules
Consultation Papers
Policy Statements
DFSA Codes of Practice
Amendments to Legislation
Media Releases
Notices
Financial Markets Tribunal
Archive

Whole SectionText only Print Print Manager Link


  Versions
(1 version)
 
Dec 9 2012 onwards

PIB 6.8.1 Guidance



Whole Section PDF

The definitive version of DFSA handbook text is the PDF version as that is the text of the instrument as made and published by the DFSA.

To view past versions of this module in PDF format, please visit the Archive.

1. GENG RulesG GEN 5.3.21 and GEN 5.3.22 set out the DFSAG requirements on outsourcing by Authorised FirmsG . This section complements the requirements in the GENG module and contains guidance on managing the Operational RiskG associated with outsourcing arrangements.
2. The assessment of outsourcing risk at an Authorised FirmG may depend on several factors, including the scope and materiality of the outsourced activity, how well the Authorised FirmG manages, monitors and controls outsourcing risk (including its general management of Operational RiskG ), and how well the service provider manages and controls the potential risks of the operation.
3. Factors that an Authorised FirmG should consider in establishing outsourcing arrangements include the following:
a. the financial, reputational and operational impact on the Authorised FirmG of the failure of a service provider to perform adequately the activity;
b. potential losses to an Authorised Firm'sG customers and counterparts in the event of a service provider failure;
c. the consequences of outsourcing the activity on the ability and capacity of the Authorised FirmG to conform with regulatory requirements and changes in such requirements;
d. the interrelationship of the outsourced activity with other activities within the Authorised FirmG ;
e. the cost associated with the outsourcing;
f. any affiliation or other relationship between the Authorised FirmG and the service provider;
g. the regulatory status of the service provider;
h. the degree of difficulty and time required to select an alternative service provider or to bring the business activity in-house, if necessary;
i. the complexity of the outsourcing arrangement. For example, the ability to control the risks where more than one service provider collaborates to deliver an end-to-end outsourcing solution; and
j. any data protection, security and other risks which may be adversely affected by the geographical location of an outsourcing service provider. To this end, Specific RiskG management expertise in assessing country risk related, for example, to political or legal conditions, could be required when entering into and managing outsourcing arrangements that are taken outside of the home country.
Derived from RM111/2012 (Made 15th October 2012). [VER20/12-12]