Email: This email address is being protected from spambots. You need JavaScript enabled to view it. CONTACT US    icon-linkedin  icon-twitter  icon-linkedin  LOGO ICON slideshare  icon-linkedin

2015 A Report on FSI Regulations Impacting Cloud in Asia Pacific Markets

Jun 2015 - ACCA FSI Update: Korea’s Regulations Revised

by Matthew Hunter, Olswang Asia LLP and Stacy Baird, Chairman, ACCA Data Sovereignty Working Group

In June 2015, the Korean financial services regulator announced regulatory changes that will make it easier for financial services institutions (FSIs) in Korea to use cloud computing services.

  • First, FSIs will now be allowed to engage cloud service providers (CSPs) whose data hosting infrastructure is located overseas.
  • Second, FSIs will no longer need approval from the regulator to use cloud computing services.
  • Third, FSIs will no longer need to sign the regulator’s standard form contract with CSPs, so the parties can agree their own contract.

These reforms substantially bring Korea in line with ACCA recommendations. [read full update]




 Download Report Here | Download Executive Summary | Download Press Release in PDF


FSI2015Press Release

Launch of the Asia Cloud Computing Association’s new research report

Asia’s Financial Services: Ready for the Cloud – A Report on FSI Regulations impacting Cloud in Asia-Pacific Markets

5 March 2015, 5-7pm at the ITC Windsor Hotel, Bangalore, India, followed by networking drinks

Nine Areas of Regulatory Focus for Asia Pacific’s Adoption of Cloud Computing in the Financial Services Industry, by the Asia Cloud Computing Association

Apex Industry Association Calls for Greater Clarity in Regulatory Environment; 
Makes Five Key Recommendations to Accelerate 
Cloud Computing Adoption in Financial Services Sector

BANGALORE, 5 MAR 2015 – Many industries are ready to embrace cloud computing to reap the benefits of this new technology. However, perceived regulatory challenges often stymie adoption efforts, such as in the case of highly regulated sectors like the Financial Services Industry (FSI). 


“FSIs in Asia Pacific region have generally been slow to adopt cloud services because there is often a misalignment between perception and reality,” says Stacy Baird, Chairman of the ACCA’s Data Governance Working Group. “Our research confirms that there are no “blanket bans” or prohibitions on cloud services, but a better understanding of the regulatory and legal requirements by both Cloud Service Providers (CSPs) and FSIs will contribute to greater cloud adoption.”


“This report reviews the current regulatory landscape in Asia Pacific, and lists key regulatory challenges to the adoption of cloud services by FSIs,” said Ian Ferguson from Olswang Asia LLP. “Some jurisdictions are developing new regulations, which are not specific to cloud services but which clearly enable adoption of cloud services by FSIs, and several others are allowing cloud adoption under current regulations for outsourcing.”


The report compares regulations in 14 Asia Pacific markets, in nine specific areas: 1. Processes for adopting cloud, 2. Contracts for cloud Services, 3. Data location, 4. Data use limitations, 5. Security, 6. Data segregation, 7. Business continuity, 8. Audit, review and monitoring, 9. Exit.


It also makes recommendations to policymakers to improve the conditions for cloud computing adoption by FSIs. Five key recommendations are:

  1. Regulations should be technology neutral.  There should not be separate regulations for the use of Cloud Services.
  2. Regulations should set out a clear process that should be followed for the adoption of Cloud Services (as if it were any other form of outsourcing) and approval for the use of Cloud Services should not be required.
  3. The transfer of Data to other jurisdictions should be permitted, subject to appropriate safeguards (e.g. security, business continuity, access and audit).
  4. Regulations should only identify the key issues that should be addressed in outsourcing contracts that include Cloud Services.  They should not be prescriptive of the terms of an outsourcing contract that includes Cloud Services.
  5. The use of independent third party audits should be an acceptable alternative to audits carried out by FSIs and the Regulators.

“Regulated sectors such as FSI are adopting cloud, and we want to accelerate adoption,” says Bernie Trudel, Chairman of the Asia Cloud Computing Association. “This report will provide FSIs with a clear understanding of the regulatory landscape and what they can, and should, expect from their CSPs.”


“FSIs can maximise the benefits of cloud computing by ensuring that they are familiar with the regulatory landscape, and able to assess the degree to which the CSP’s offering fits into the regulatory landscape,” adds Lim May-Ann, Executive Director of the Asia Cloud Computing Association. “Greater clarity around regulations would certainly accelerate the growth of cloud computing for FSIs in Asia Pacific.”


The ACCA hold quarterly meetings in different Asia Pacific markets and is in Bangalore this week for its Q1 meeting. The Association represents key stakeholders in the cloud computing ecosystem, and provides a vendor-neutral platform to discuss implementation and growth strategies for accelerating cloud computing throughout the Asia Pacific. On 5th March 2015, it will host an Industry and Eminent Persons Dialogue, with key stakeholders of the technology and cloud ecosystem, at the ITC Windsor Hotel, Bangalore. For more informtation or interview requests, please contact Ms Aparajita Rao at This email address is being protected from spambots. You need JavaScript enabled to view it.  or +91 8861372461


About the Asia Cloud Computing Association

The ACCA is an industry association that represents stakeholders of the cloud computing ecosystem in Asia. Our mission is to accelerate the adoption of cloud computing through Asia Pacific by helping to create a trusted and compelling market environment, and a safe and consistent regulatory environment for cloud computing products and services. Through dialogue, training, and public education, the ACCA provides a vendor-neutral platform to discuss implementation and growth strategies, share ideas, and establish policies and best practices relating to cloud computing. Contact us at This email address is being protected from spambots. You need JavaScript enabled to view it.  or You can also join us on LinkedIn a  


DSC 0082DSC 0100DSC 0383DSC 0038DSC 0042DSC 0377






More about ACCA Leadership



Bernie Trudel, Chairman


Bernie has been in the ICT industry for over 25 years. He is currently the Cloud CTO at Cisco Asia Pacific, where he has been involved in a number of technical roles for the last fourteen years. Prior to Cisco, Bernie worked for as an IT consultant in Europe and ANZ during which he advised enterprises and service providers on their Wide Area Network architecture. Bernie is an Electronic Engineer from Canada, where he started his career as a hardware design engineer and earned two patents for his innovative work.






Aman Neil Dokania, Vice-Chairman


Aman Neil Dokania is vice president and general manager of Cloud Division for HP Asia Pacific and Japan (APJ). In his current role, Aman is responsible for HP cloud across APJ, for private, public and hybrid solutions. He is driving HP’s regional leadership in cloud ecosystem development through partnering with leading ISVs, SIs, Service Providers and channel communities delivering customer centric solutions for both build and consume services for cloud. He plays a key role in driving HP’s strategy on HP Helion (HP Cloud), HP OpenStack, HP BladeSystem and CloudSystem. Prior to this, Aman spearheaded sales for HP Bladesystem, management and virtualisation business in APJ. He also developed and executed growth strategies for HP India’s Enterprise Storage and Server business, which were established as best practices for emerging markets.


Before moving to Asia, Aman was responsible for driving future specifications for the HP BladeSystem c-Class in the United States. He also led the development and introduction of HP's first manageemnt software and introduced the concetpt of lights-out management, for which he holds a patent for related technology. Aman holds a bachelor's degree in commerce from St. Xavier's College (India) and a master's degree from Oregon State University and he is a Kellogg Scholar of Marketing from Northwestern University.





Lim May-Ann, Executive Director


May-Ann is currently the research director at TRPC and the chair of ACCA's public policy regulatory working group. She has over a decade of experience in development, tech policy and communications across the Asia Pacific, working with organisations on thought leadership, government relations and stakeholder outreach efforts. Her career has spanned a number of regional and global institutions, including the World Bank, the Singapore Institute of International Affairs (SIIA), and the Singapore Internet Project. She is an active member of a number of trade associations and civil society groups. Through TRPC, she has worked with the Asia Internet Coalition (AIC), an advocacy group comprising Internet companies lobbying for free and open Internet policies, and is active in the Internet Society (ISOC), recently having been appointed as ISOC Ambassador to the Internet Governance Forum (IGF) in Oct 2013. May-Ann lectures on Internet and ICT Policy at the National University of Singapore (NUS).







Stacy Baird, Chair of the Data Governance Working Group, Asia Cloud Computing Association


Mr. Baird serves as Chairman of the Data Sovereignty Working Group for the Asia Cloud Computing Association. He advises businesses and government on information technology and intellectual property public policy issues and is Executive Director of the US-China Clean Energy Forum Intellectual Property Program, a program focused on accelerating deployment of clean energy technologies through innovative IP mechanisms.


Mr. Baird served as Senior Policy Advisor and Technology & Intellectual Property Counsel to a prominent U.S. Senator and advised a thought-leading Member of Congress on intellectual property and the Internet. Stacy working extensively on privacy and technology issues and on landmark legislation including the USA PATRIOT Act, Homeland Security Act, 2002 immigration and border security reform, Intelligence Reform and Terrorism Prevention Act and was responsible for drafting wide-ranging 1999 patent reform legislation, addressed export control issues, and the federal electronic signatures law, the E-SIGN Act.


Baird has held appointments as Visiting Fellow, University of Hong Kong Faculty of Law and Visiting Scholar, University of Southern California College of Letters, Arts and Sciences.  He resides in Hong Kong.