More and more companies are outsourcing their infrastructure, platforms and software to the cloud, usually via one of the big-tech cloud providers. Financial companies are confronted with a multitude of regulatory requirements with regard to IT, especially when it comes to outsourcing. From audit rights to cyber security, there is a long list of mandatory requirements. The Digital Operational Resilience Act – DORA – places further requirements on IT risk management and the governance of third-party service providers. Corporate resilience is also the subject of current European legislation.
Your challenges
Our solutions for you
- Support in the planning of cloud outsourcing projects and selecting a CSP
- Preparing requirement profiles, requests for proposal (RfP), support during the tendering process
- Advising and negotiating cloud outsourcing contracts, including regulatory requirements for financial companies
- Advice on regulatory requirements for financial companies, in particular under MaRisk, KAMaRisk, BAIT/KAIT/ZAIT/VAIT, ESMA guidelines on outsourcing to cloud providers, EBA guidelines on outsourcing and ICT risk management, BaFin administrative practice, as well as DORA
- Advice on requirements under data protection law and intellectual property law, in particular licensing law
- Advice on information security requirements and cyber security
- Consideration of group structures and advice on intra-group risk management and outsourcing
- Comprehensive IT legal advice and contract drafting
- Drafting and negotiating all types of IT contracts (SaaS, IaaS, PaaS, IT projects, software creation, etc.)
- Preparing a gap analysis comparing the IT regulation currently implemented within the company with the extended new requirements brought in by DORA