Safe cloud principles for the financial services industry

Cloud computing is poised to transform how information technology is used by the financial services industry (FSI). However, this transformation can only come about if the FSI has confidence that the use of cloud computing will not interfere with legal obligations and sound business practice.

This document has been created in partnership between financial institutions (FIs), cloud service providers (CSP), financial regulators and industry bodies. It proposes safe cloud principles in the form of a unified, condensed and clarified set of best practices to help FIs to focus on and navigate through the relevant regulatory issues when contemplating a move to the cloud. The safe cloud principles cover key requirements such as confidentiality, availability and integrity and are derived from the very laws, regulations and guidelines with which FIs must comply.