Find the right Google Cloud partner in Financial Services for your business. Choose one of many trusted partners to help you move to, build, and work in the cloud.

The Swiss Financial Market Supervisory Authority (“FINMA”) is responsible for inspection and supervision of banks, insurance companies, financial institutions, collective investment schemes, fund managers and insurance intermediaries. FINMA is responsible for protecting creditors, investors and policyholders in addition to ensuring that Switzerland’s financial markets function effectively. The Circular 2018/3 “Outsourcing - banks and insurers” (“Circular 2018/3”) defines the supervisory requirements applicable to outsourcing requirements in terms of appropriate organisation and risk limitation. Circular 2018/3 provides specific guidance on: monitoring, due diligence, audit rights, security, business continuity, sub-outsourcing, outsourcing to another country and the rights to issue instructions.

The Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) is responsible for the supervision of all banks, credit institutions, insurers, funds and financial institutions in Germany. Its objective is to ensure the functioning, stability and integrity of the German financial market. BaFin issued guidance on outsourcing to cloud service providers (BaFin Cloud Outsourcing Guidance) to create greater transparency into the supervisory assessment of cloud outsourcing. The BaFin Outsourcing Guidance provides specific information for financial institutions on contractual terms, including information and audit rights, the right to issue instructions, data security/ protection, termination and chain outsourcing.

The European Insurance and Occupational Pensions Authority ("EIOPA") is an independent EU Authority that works to foster financial stability and confidence in the insurance and pensions markets. The EIOPA cloud outsourcing guidelines specify the internal governance arrangements that insurance and re-insurance undertakings within EIOPA’s mandate should implement when they outsource functions to cloud service providers. The guidelines clarify how the requirements in Directive 2009/138/EC (Solvency II Directive) and Commission Delegated Regulation (EU) No 2015/35 (Delegated Regulation) apply when outsourcing to a cloud service provider. The EIOPA cloud outsourcing guidelines provide specific guidance on the contractual relationship between undertakings and their cloud service providers, including requirements around sub-outsourcing, security, access, information and audit rights, and termination rights.

The Austrian Financial Market Authority (“Austrian FMA”) is responsible for the supervision of banks (in cooperation with the Austrian Central Bank), insurance companies, pension companies and the financial securities sector, including stock exchanges to promote cooperation on financial market issues and financial market stability. The Versicherungsaufsichtsgesetz (“VAG”) addresses the Austrian FMA’s expectations when insurance or reinsurance undertakings outsource activities. The VAG provides specific guidance on audit rights, monitoring the service, reporting and information access.

Google Cloud satisfies, among others, the ISO/IEC 2700 series (27001, 27017, 27018, 27701); BSI C5 (Security & Privacy); and GDPR (Compliance) certifications.