A recent fine levied by the PRA in respect of failures at a small UK-based bank is a useful reminder for firms of the basic principle that while a firm may outsource the practical aspects of the outsourced function, it may not outsource its regulatory responsibilities as they relate to the outsourced function.
In this briefing we explain that firms should mitigate the risks of outsourcing through, at a minimum, due diligence, contractual protections and close oversight. Firms should also check that their internal procurement, audit and approval processes are as rigorous for intra-group arrangements as they are for third party procurements.