The Fintech Open Source Foundation (Finos) is initiating an open standard project aimed at establishing consistent controls for compliant public cloud deployments within the financial services sector.
This initiative is based on an approach developed by Finos member Citi and seeks to create a unified set of cybersecurity, resiliency, and compliance controls applicable across major cloud service providers, addressing challenges in a rapidly evolving and fragmented regulatory landscape.
The project also aims to alleviate the systemic risk associated with cloud concentration, a concern raised in recent reports by regulators in the US, UK, EU, and Singapore, by developing a standardized taxonomy of common services and related threats.
Citi is collaborating with several Finos members, including Bank of Montreal, Goldman Sachs, Morgan Stanley, Royal Bank of Canada, London Stock Exchange, NatWest, Google Cloud, and GitHub on this initiative.
Jim Adams, CTO and head of technology infrastructure at Citi, commented, “There is a need for a Cloud Standard that will enhance security and control measures across the financial services industry while simplifying and democratizing access for all institutions to leverage the public cloud. It is crucial to collaborate with our peers to ensure consistency across cloud service providers so the industry can achieve effective multi-cloud strategies.”