2026-05-05

GFSC Guidance Note on Outsourcing and Third Party Risk Management for Banks and Insurers

The Gibraltar Financial Services Commission issued this guidance to establish expectations for banks and insurers regarding outsourcing and third-party risk management. It mandates rigorous governance, materiality assessments, and due diligence while clarifying that non-outsourcing third-party arrangements remain subject to proportionate risk controls. The document further details requirements for data security, audit rights, sub-outsourcing oversight, and business continuity planning to ensure operational resilience.

Gibraltar

Gibraltar Financial Services Commission

Show thumbnailShow full textSourceAdd to collection

Show thumbnail