United Kingdom: Adopted FCA, Bank of England, and PRA rules for critical third parties in financial services including resilience testing and incident reporting requirements

Description

Adopted FCA, Bank of England, and PRA rules for critical third parties in financial services including resilience testing and incident reporting requirements

On 12 November 2024, the Financial Conduct Authority (FCA), Bank of England, and Prudential Regulation Authority (PRA) adopted rules to strengthen the resilience of critical third parties (CTPs) providing services to the financial sector. The rules …

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
digital payment provider (incl. cryptocurrencies), other service provider
Implementation Level
national
Government Branch
executive
Government Body
central bank

Complete timeline of this policy change

Hide details
2024-11-12
adopted

On 12 November 2024, the Financial Conduct Authority (FCA), Bank of England, and Prudential Regulat…

2025-01-01
in force

On 1 January 2025, the Financial Conduct Authority (FCA), Bank of England, and Prudential Regulatio…