LogoRegulatory Alerts
2022-09-07

Guideline on Use of Cloud Services

The Bank of Mauritius issued this guideline to establish comprehensive governance, risk assessment, and security requirements for licensed financial institutions utilizing cloud services. Institutions must implement board-approved cloud strategies, conduct materiality and risk assessments, perform provider due diligence, and submit regulatory notifications at least sixty days before deploying material cloud services. The framework mandates heightened security controls, robust contingency and exit plans, clear data location rules, and strict subcontracting oversight to mitigate operational, cyber, and concentration risks while ensuring ongoing regulatory compliance.

Bank of Mauritius logo

Mauritius

Bank of Mauritius

Click to view full text
Share