The Fintech Open Source Foundation (Finos) is forming an open standard project to describe consistent controls for compliant public cloud deployments in the financial services sector.
Based on an approach developed by Finos member Citi, the project aims to develop a unified set of cybersecurity, resiliency, and compliance controls for common services across the major cloud service providers in a fast moving area with a fragmented regulatory landscape.
By developing a unified taxonomy of common services and associated threats, the project also sets out to alleviate the systemic risk of cloud concentration, an issue highlighted in recent reports from regulators in the US, UK, EC and Singapore.
Citi has been joined by a host of Finos members - including Bank of Montreal, Goldman Sachs, Morgan Stanley, Royal Bank of Canada, London Stock Exchange, Natwest, Google Cloud, and GitHub - on the effort.
Jim Adams, CTO and head of technology infrastructure, Citi, says: "There is a need for a Cloud Standard that will improve certain security and control measures across the Financial Services industry, whilst simplifying and democratising access for all institutions to operate and benefit by leveraging the public cloud.
"It is important to collaborate with our peers to ensure consistency across cloud service providers, ensuring the industry can realise true multi-cloud strategies."