Building Tomorrow’s Financial Institutions: Industry-Enabling Regulatory Frameworks Needed, says Asia Cloud Computing Association

In a report looking at financial services regulations across the Asia Pacific (APAC) region, Singapore and Hong Kong have come up on top as having the most favourable policies for cloud adoption. Cloud computing technology is redefining the way financial services institutions (FSIs) respond to new consumer habits, says the Asia Cloud Computing Association (ACCA). At the same time, FSIs must address the need for data protection and privacy, and other heightened compliance requirements. The Asia's Financial Services on the Cloud 2018 report was designed to provide a snapshot of Asia Pacific (APAC)'s financial regulatory landscape, and how certain types of regulation could enhance -- or impede on -- FSIs' ability to use cloud services. This new report is an update of a report initially published in 2015.

According to Gartner, cloud computing is projected to increase to USD162B in 2020 attaining a compound annual growth rate (CAGR) of 19%. 74% of Tech Chief Financial Officers (CFOs) said cloud computing will have the most measurable impact on their business in 2017.[1] The IDC expects that 2017-2018 will be a tipping point for cloud uptake among Asia/Pacific banks. According to the IDC at least 80% of these banks will run on a hybrid cloud architecture by 2018. [2]


"Cloud computing is transforming the financial services sector by presenting a viable, secure and cost-efficient model for delivering customer centric services," says Sassoon Grigorian, Chair of the ACCA Financial Services Industry Special Interest Group. "There have also been developments in technology whether it be blockchain, fintech or other financial service developments, which further drive the need for cloud."

"A suitable regulatory framework is necessary for FSIs to reap the full benefits of cloud computing. The ACCA is keen to support APAC regulators on this front, and has proposed some recommendations for policies that support cloud adoption," says Sassoon Grigorian. "These include a consistent definition of outsourcing between jurisdictions and a clear distinction between services deemed material or critical to FSIs, and those deemed non-critical. Regulations should also make the distinction between control versus possession of data clear, and define the roles and responsibilities of a data controller accordingly."

"APAC FSIs' utilisation of cloud services has grown significantly over the past few years as we see regulators' improved understanding of the technology reflected in more nuanced outsourcing guidelines," adds Lim May-Ann, Executive Director for the ACCA. "Use cases are becoming much more established and, with an appropriate regulatory framework in place, we envisage the migration of more business-critical processes and applications to the public cloud to become more prevalent, and drive this upward growth trajectory into the coming years."

The report notes that Hong Kong, New Zealand, the Philippines, Singapore and South Korea have made positive steps in improving regulatory clarity since 2015. However, the APAC region writ large still has some way to go in breaking down the barriers to cloud adoption -- data localisation requirements and excessive administrative burdens that threaten to erode essential cloud computing benefits need to be reviewed for APAC's financial services sector to truly embrace transformative use cases.

The report also analyses emerging regulatory trends in the region that have the potential to influence cloud appetite, comparing the relevant regulations across nine APAC markets, in 10 specific areas: 1. Due diligence process for cloud adoption, 2. Review, monitoring and control, 3. Audit, 4. Confidentiality and security, 5. Resilience, business continuity and disaster recovery, 6. Data transfer and location, 7. Data use limitations, 8. Data Segregation, 9. Cloud contracts and subcontracting, and 10. Exit and termination. Case studies showcasing how FSIs are reaping the benefits of cloud are also included.

The report will be launched on 30 April 2018 in Singapore, in partnership with the Association of Banks in Singapore at 8am, Salesforce Singapore office, Level 13, Suntec Tower 5, Temasek Blvd, and can be downloaded at For interviews, please reach out via the contact points below.

About the Asia Cloud Computing Association 

ACCA is the apex industry association representing the stakeholders of the cloud computing ecosystem in Asia-Pacific. The ACCA's mission is to accelerate adoption of cloud computing in Asia by helping to create a trusted and compelling market environment and a safe and consistent regulatory environment for cloud computing products and services. The association works to ensure that the interests of the cloud computing community are effectively represented in the public policy debate. Drawing on subject-matter expertise from our member companies, expert working groups, and special interest groups are convened where best practice recommendations and other thought leadership is designed and produced. 


To find out more on how to join us, email [email protected], or visit our website at

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Most Popular

To Top