Financial services businesses throughout the world are increasingly using third parties to carry out activities that the businesses themselves would normally have undertaken. Industry research and surveys by regulators show financial firms outsourcing significant parts of their regulated and unregulated activities. These outsourcing arrangements are also becoming increasingly complex.

Outsourcing has the potential to transfer risk, management and compliance to third parties who may not be regulated, and who may operate offshore.

In these situations, how can financial service businesses remain confident that they remain in charge of their own business and in control of their business risks? How do they know they are complying with their regulatory responsibilities? How can these businesses demonstrate that they are doing so when regulators ask?

To help answer these questions and to guide regulated businesses, the Joint Forum established a working group to develop high-level principles about outsourcing.

In this paper, the key issues and risks are spelt out in more detail and principles are put forward that can serve as benchmarks. The principles apply across the banking, insurance and securities sectors, and the international committees involved in each sector1 may build on these principles to offer more specific and focused guidance. Selected international case studies show why these questions matter.