The Pension Fund Regulatory and Development Authority (PFRDA) has recently issued a circular on 23rd November, 2023 on the adoption of cloud services by intermediaries registered with PFRDA. This circular aims to provide a policy framework and regulatory guidelines for intermediaries to ensure the secure and compliant use of cloud services in their operations. With the increasing adoption of cloud solutions in the financial services sector, this circular emphasizes the need to address cyber security risks and challenges while leveraging the advantages offered by cloud technology.
Intermediaries registered with PFRDA have been actively utilizing information technology and adopting cloud services to enhance their business models and improve customer experience. Cloud solutions offer numerous advantages such as scalability, ease of deployment, and reduced overhead costs. However, it is crucial to acknowledge that the adoption of cloud services also brings forth cyber security risks and challenges. Therefore, the circular highlights the importance of ensuring regulatory compliance and implementing necessary measures to mitigate these risks effectively.
To address the risks associated with the adoption of cloud services, PFRDA has developed a comprehensive policy framework. This framework outlines the regulatory and legal requirements that intermediaries must adhere to when adopting cloud services. It is important to note that this policy is in addition to the existing outsourcing guidelines issued by PFRDA for Central Recordkeeping Agencies and pension funds. The circular explicitly states that the adoption of cloud services will be considered as part of the outsourcing activities by registered intermediaries.
