FSC loosens rules on cloud data
Financial companies will be able to store sensitive info online
The Financial Services Commission (FSC) unveiled on Sunday a set of measures to accelerate the use of cloud computing in the financial sector, easing regulations that have hindered the adoption of the technology, which is already widely used in other technologically-advanced countries.
As of the end of March, 38 financial firms were using cloud systems. But their usage was confined to internal administrative work, at 43.8 percent, and customer service, at 27.4 percent.
Global financial firms have been increasingly using cloud computing to store customer-account data and banking systems in partnership with three big service providers – Amazon, Google and Microsoft.
“Korea has not been able to take advantage of big data via the cloud when capturing risky circumstances in the financial industry, such as credit assessments, risk analysis and fraud,” said Choi Hoon, director general of the banking and insurance bureau at the FSC. Cloud services can also offer automated financial services to a larger number of customers.
“The regulatory changes will also make it possible for fintech firms to save on costs, as the cloud removes the need to build costly IT infrastructure. The expanded use of cloud systems is expected to improve the competitiveness of the country’s financial industry.”
The regulations on the supervision of electronic financial businesses have barred financial firms from storing any data that contains even a single piece of personal credit or identification information, such as a resident registration number, on a cloud computing system.
The regulator expanded what financial companies can store in the cloud to “core information,” such as personal credit and identification information. This rule change will only apply to cloud computing systems located in Korea. Use of cloud systems based abroad will not yet be allowed, due to potential jurisdiction conflict in the event of legal trouble.
According to Choi, personal credit and identification information will be “strictly” protected and managed.
“Financial firms will be saving and using personal information within the cloud computing system and not leaking or circulating it,” he said.
In a related move, the FSC said it will develop guidelines on the use of cloud systems and mandate that financial firms step up security when storing crucial customer information in the cloud.
As reliance on cloud computing grows, concerns over the internet-based systems have been mounting. The European Banking Authority said in a report earlier this month that “a possible impact on the wider operational risk could arise from issues with data security, systems and banking secrecy” related to cloud storage.
BY SEO JI-EUN [email@example.com]