Regulatory Alerts2023-11-22
Guidelines on Cloud Computing Services
Issued by the Financial Services Commission of Mauritius, these Guidelines mandate that regulated licensees implement a risk-based cloud strategy and establish robust risk management frameworks when adopting cloud computing services. Licensees must conduct thorough due diligence and materiality assessments on cloud service providers, secure written contractual arrangements with clear liability and exit provisions, and notify the regulator at least 15 business days prior to deploying material cloud services. The Board and senior management retain full oversight, requiring annual audits, continuous security monitoring, documented contingency plans, and timely incident reporting to ensure ongoing regulatory compliance.
Share