Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring Services Exposure Draft | Sep 2020 | Page 1 of 3
Pengarah
Jabatan Pemantauan Pembayaran
Bank Negara Malaysia
Jalan Dato' Onn
50480 Kuala Lumpur
Submitted via email to pdpolicy@bnm.gov.my
1 September 2020
Dear Sir/Madam,
Re: Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring Services
Exposure Draft
The ACCA appreciates the efforts of Bank Negara Malaysia (BNM) to clarify regulations for Merchant
Acquiring Services to account for technological change. As financial institutions increasingly shift to
digital environments, particularly due to challenges brought on by the COVID-19 pandemic, we
believe that clear and enabling regulations for technology use such as cloud computing are key to
helping meet customer needs while ensuring proper protections are in place.
As the apex industry association for Asia Pacific stakeholders in the cloud computing ecosystem, the
ACCA represents a vendor-neutral voice of the private sector to government and other stakeholders.
The ACCA’s mission is to accelerate the adoption of cloud computing throughout Asia Pacific by
helping to create a trusted and compelling market environment, and a safe and consistent
regulatory environment for cloud computing products and services. We are committed to
strengthening digital resilience, and to the development of a safe and secure ecosystem where data
is protected by the best technology and regulatory frameworks, in support of a better world for all.
Following discussions with our member companies, we are submitting the following comments to
the Merchant Acquiring Services Exposure Draft. Should you have any questions on our comments, I
would be pleased to arrange for a videoconference discussion with our members.
Thank you, and I look forward to hearing from you on the issues raised.
Yours sincerely,
Lim May-Ann
Executive Director
Asia Cloud Computing Association
mayann@asiacloudcomputing.org
Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring Services Exposure
Draft
The ACCA thanks Bank Negara Malaysia (BNM) for the opportunity to submit feedback on the
Merchant Acquiring Services Exposure Draft (the “Exposure Draft”).
1. General Comments
a. As a general comment, we would like to encourage consistency between the Merchant
Acquiring Services Exposure Draft and the current BNM Outsourcing Guidelines to help avoid
confusion.
b. In addition, we would also like to suggest a consultation on operational issues related to Risk
Management in Technology (RMiT) to align regulatory expectations with current
international best practices.
2. Comments on Section 16.5(c)
This provision stipulates that as part of their outsourcing agreements, acquirers must have
provisions for on-site inspection of service providers, which would include cloud service providers
(CSPs).
a. The ACCA would like to highlight that for CSPs, requiring on-site customer access poses a
security risk due to the multi-tenanted environment of the public cloud model. Physical
access rights would allow acquirers to access the same physical environment used by many
other companies, and also present potential for property damage or personal injury.
b. In addition, such access rights also conflict with international security best practices and
standards for public cloud.
c. We would also like to note that this audit right also runs counter to BNM’s Outsourcing
Guidelines (the “Outsourcing Guidelines”), which recognize alternative means of exercising
audits and inspections of CSPs, such as relying on third party audit reports (Section 11.3 of
the Outsourcing Guidelines).
d. Recommendation: To align with the Outsourcing Guidelines, we suggest that BNM revise
Section 16.5(c) to explicitly state that service providers can provide regular audit reports
certifying that they are compliant with global security standards. We therefore recommend
that this section be amended per the below, which is substantively the same as the
Outsourcing Guidelines:
“The acquirer may rely on third party certifications and reports made available by a cloud
service provider to exercise its access rights under this section, provided such reliance is
supported by an adequate understanding and review of the scope of the audit and methods
employed by the third party, and access to the third party and service provider to clarify
matters relating to the audit.”
3. Comments on Section 16.6
a. This section contains a requirement for outsourced parties such as CSPs to provide a written
undertaking to comply with additional privacy requirements set by BNM, which is not
compatible with the shared responsibility framework under which CSPs operate.
In this framework, CSPs work in tandem with customers, such as acquirers, to assure data
security, privacy, and reliability. Customers maintain governance over the entire IT control
environment and retain full control and ownership over data and other content when using
a CSP’s services. The customer is also responsible for determining the levels of security they
wish to adopt for data storage and processing. When a customer retains control of security
processes to protect their own content, applications, systems and networks, the level of
oversight and control that they exercise is no different from applications run by an entity in
an on-site data centre.
The ACCA highlights that the CSP does not have access to customer data nor does it have
visibility over the content of customer data. The CSP also does not have any control over
the security controls that the customer has chosen to apply to that content. Any proposal
to extend the visibility of CSPs to customer data handling would breach security and
privacy best practices, and invalidate multiple security certifications.
b. This stipulation for an undertaking is also not contained in the Outsourcing Guidelines, which
have provisions to ensure that CSPs maintain confidentiality.
c. Recommendation: We recommend amending Section 16.6, as shown below:
“In addition to the requirements in paragraph 16.5(b), where the outsourced party will have
access to documents or information relating to the affairs or account of any customer of the
acquirer, the acquirer shall ensure that the outsourced party has appropriate controls to
safeguard the security, confidentiality and integrity of any information shared with the
Outsourced Party. The acquirer shall also ensure that the service provider is bound by
adequate confidentiality provisions stipulated under the outsourcing agreement.”
4. Comments on Section 16.8
a. As the extent to which service providers may use subcontractors and the roles of
subcontractors can vary greatly, the requirement for acquirers to implement controls for
subcontractors to comply with all relevant regulatory requirements may be interpreted as
overly prescriptive and may not be feasible for hyperscale CSPs.
b. However, adequate controls should be put in place for subcontractors that correspond to
the subcontractor’s role in the delivery of services to the acquirer. As Section 9.6 of the
Outsourcing Guidelines recognizes, the key issue with subcontracting is to ensure that service
providers do not diminish the ultimate responsibility of the primary service provider.
c. Recommendation: We recommend that Section 16.8 be amended as shown below:
“The requirement in paragraph 16.7 is also applicable when an outsourced party engages a
subcontractor to undertake the activities that were outsourced by the acquirer, whereby the
acquirer shall implement proper controls to ensure the accountability of the primary
outsourced party over the performance and conduct of the subcontractor in relation to the
outsourcing arrangement. that the subcontractor complies with the relevant requirements
based on standards issued by the Bank to acquirers from time to time.”

More Related Content

What's hot

4b. P&C Insurance and The IOT - Z. Schmiesing
4b. P&C Insurance and The IOT - Z. Schmiesing4b. P&C Insurance and The IOT - Z. Schmiesing
4b. P&C Insurance and The IOT - Z. Schmiesing
schmiez
 
Luxembourg Wort_QA_240314 (final)
Luxembourg Wort_QA_240314 (final) Luxembourg Wort_QA_240314 (final)
Luxembourg Wort_QA_240314 (final)
Alex Blumen
 
A guide-to-implementing-cloud-services
A guide-to-implementing-cloud-servicesA guide-to-implementing-cloud-services
A guide-to-implementing-cloud-services
Shakas Technologie
 

What's hot (20)

Porticor - Can Data be safe in Public Clouds, in Compliance with Standards
Porticor - Can Data be safe in Public Clouds, in Compliance with StandardsPorticor - Can Data be safe in Public Clouds, in Compliance with Standards
Porticor - Can Data be safe in Public Clouds, in Compliance with Standards
 
26 Nov 2013 - Law and Policy Meet the Cloud, by Bernie Trudel [IIC-TRPC Singa...
26 Nov 2013 - Law and Policy Meet the Cloud, by Bernie Trudel [IIC-TRPC Singa...26 Nov 2013 - Law and Policy Meet the Cloud, by Bernie Trudel [IIC-TRPC Singa...
26 Nov 2013 - Law and Policy Meet the Cloud, by Bernie Trudel [IIC-TRPC Singa...
 
2018 Cross-Border Data Flows: A Review of the Regulatory Enablers, Blockers, ...
2018 Cross-Border Data Flows: A Review of the Regulatory Enablers, Blockers, ...2018 Cross-Border Data Flows: A Review of the Regulatory Enablers, Blockers, ...
2018 Cross-Border Data Flows: A Review of the Regulatory Enablers, Blockers, ...
 
2017 Towards Better Patient Outcomes and Staying Well: The Promise of Cloud C...
2017 Towards Better Patient Outcomes and Staying Well: The Promise of Cloud C...2017 Towards Better Patient Outcomes and Staying Well: The Promise of Cloud C...
2017 Towards Better Patient Outcomes and Staying Well: The Promise of Cloud C...
 
The ASEAN Data Protection Index 2020
The ASEAN Data Protection Index 2020The ASEAN Data Protection Index 2020
The ASEAN Data Protection Index 2020
 
The realist’s guide to quantum technology and national security
The realist’s guide to quantum technology and national securityThe realist’s guide to quantum technology and national security
The realist’s guide to quantum technology and national security
 
IDC FutureScape Exec Summary Cloud
IDC FutureScape Exec Summary CloudIDC FutureScape Exec Summary Cloud
IDC FutureScape Exec Summary Cloud
 
Why MEITY enlisted 11 Companies to store Government IT data on Cloud System w...
Why MEITY enlisted 11 Companies to store Government IT data on Cloud System w...Why MEITY enlisted 11 Companies to store Government IT data on Cloud System w...
Why MEITY enlisted 11 Companies to store Government IT data on Cloud System w...
 
Digital Co 1
Digital Co 1Digital Co 1
Digital Co 1
 
The internet of things – The next wave - Insurance
The internet of things – The next wave - InsuranceThe internet of things – The next wave - Insurance
The internet of things – The next wave - Insurance
 
4b. P&C Insurance and The IOT - Z. Schmiesing
4b. P&C Insurance and The IOT - Z. Schmiesing4b. P&C Insurance and The IOT - Z. Schmiesing
4b. P&C Insurance and The IOT - Z. Schmiesing
 
Network Neutrality - Training Presentation for Indictee Scientists at C-DAC, ...
Network Neutrality - Training Presentation for Indictee Scientists at C-DAC, ...Network Neutrality - Training Presentation for Indictee Scientists at C-DAC, ...
Network Neutrality - Training Presentation for Indictee Scientists at C-DAC, ...
 
HC3 Kickoff presentations - June 19, 2014
HC3 Kickoff presentations - June 19, 2014HC3 Kickoff presentations - June 19, 2014
HC3 Kickoff presentations - June 19, 2014
 
eGestalt Named a 2012 'Emerging Vendor' by CRN and UBM Channel
eGestalt Named a 2012 'Emerging Vendor' by CRN and UBM ChanneleGestalt Named a 2012 'Emerging Vendor' by CRN and UBM Channel
eGestalt Named a 2012 'Emerging Vendor' by CRN and UBM Channel
 
Luxembourg Wort_QA_240314 (final)
Luxembourg Wort_QA_240314 (final) Luxembourg Wort_QA_240314 (final)
Luxembourg Wort_QA_240314 (final)
 
​Digital India - 15 things you should know about modi’s digital india project
​Digital India - 15 things you should know about modi’s digital india project​Digital India - 15 things you should know about modi’s digital india project
​Digital India - 15 things you should know about modi’s digital india project
 
3d mdrf 2020 jo daniels ecommerce
3d mdrf 2020 jo daniels ecommerce3d mdrf 2020 jo daniels ecommerce
3d mdrf 2020 jo daniels ecommerce
 
Customer attitudes to open banking six months on
Customer attitudes to open banking six months onCustomer attitudes to open banking six months on
Customer attitudes to open banking six months on
 
Bitcoin wednesday (1) deloitte
Bitcoin wednesday (1) deloitteBitcoin wednesday (1) deloitte
Bitcoin wednesday (1) deloitte
 
A guide-to-implementing-cloud-services
A guide-to-implementing-cloud-servicesA guide-to-implementing-cloud-services
A guide-to-implementing-cloud-services
 

Similar to Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring Services Exposure Draft

Dynamic Service Level Agreement Verification in Cloud Computing
Dynamic Service Level Agreement Verification in Cloud Computing Dynamic Service Level Agreement Verification in Cloud Computing
Dynamic Service Level Agreement Verification in Cloud Computing
IJCSIS Research Publications
 
RUNNING HEAD Intersession 6 Final Project Projection1Interse.docx
RUNNING HEAD Intersession 6 Final Project Projection1Interse.docxRUNNING HEAD Intersession 6 Final Project Projection1Interse.docx
RUNNING HEAD Intersession 6 Final Project Projection1Interse.docx
jeanettehully
 
Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...
Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...
Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...
accacloud
 
Technical qo s and kpi lebanon
Technical qo s  and kpi lebanonTechnical qo s  and kpi lebanon
Technical qo s and kpi lebanon
haroudaki
 
Rfp cis implementation v3
Rfp cis implementation v3Rfp cis implementation v3
Rfp cis implementation v3
iambilal14
 

Similar to Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring Services Exposure Draft (20)

Microsoft General - Checklist for Financial Institutions in Angola.pdf
Microsoft General - Checklist for Financial Institutions in Angola.pdfMicrosoft General - Checklist for Financial Institutions in Angola.pdf
Microsoft General - Checklist for Financial Institutions in Angola.pdf
 
Outsourcing SLA versus Cloud SLA by Jurian Burgers
Outsourcing SLA versus Cloud SLA by Jurian BurgersOutsourcing SLA versus Cloud SLA by Jurian Burgers
Outsourcing SLA versus Cloud SLA by Jurian Burgers
 
Dynamic Service Level Agreement Verification in Cloud Computing
Dynamic Service Level Agreement Verification in Cloud Computing Dynamic Service Level Agreement Verification in Cloud Computing
Dynamic Service Level Agreement Verification in Cloud Computing
 
A Study On Service Level Agreement Management Techniques In Cloud
A Study On Service Level Agreement Management Techniques In CloudA Study On Service Level Agreement Management Techniques In Cloud
A Study On Service Level Agreement Management Techniques In Cloud
 
RUNNING HEAD Intersession 6 Final Project Projection1Interse.docx
RUNNING HEAD Intersession 6 Final Project Projection1Interse.docxRUNNING HEAD Intersession 6 Final Project Projection1Interse.docx
RUNNING HEAD Intersession 6 Final Project Projection1Interse.docx
 
Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...
Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...
Asia's Financial Services on the Cloud 2018: Regulatory Landscape Impacting t...
 
Ensuring PCI DSS Compliance in the Cloud
Ensuring PCI DSS Compliance in the CloudEnsuring PCI DSS Compliance in the Cloud
Ensuring PCI DSS Compliance in the Cloud
 
MMB Cloud-Tree: Verifiable Cloud Service Selection
MMB Cloud-Tree: Verifiable Cloud Service SelectionMMB Cloud-Tree: Verifiable Cloud Service Selection
MMB Cloud-Tree: Verifiable Cloud Service Selection
 
20150113
2015011320150113
20150113
 
Technical qo s and kpi lebanon
Technical qo s  and kpi lebanonTechnical qo s  and kpi lebanon
Technical qo s and kpi lebanon
 
IRJET- Improvement of Security and Trustworthiness in Cloud Computing usi...
IRJET-  	  Improvement of Security and Trustworthiness in Cloud Computing usi...IRJET-  	  Improvement of Security and Trustworthiness in Cloud Computing usi...
IRJET- Improvement of Security and Trustworthiness in Cloud Computing usi...
 
New Era in Insurance - Cloud Computing
New Era in Insurance - Cloud ComputingNew Era in Insurance - Cloud Computing
New Era in Insurance - Cloud Computing
 
A FRAMEWORK FOR SOFTWARE-AS-A-SERVICE SELECTION AND PROVISIONING
A FRAMEWORK FOR SOFTWARE-AS-A-SERVICE SELECTION AND PROVISIONINGA FRAMEWORK FOR SOFTWARE-AS-A-SERVICE SELECTION AND PROVISIONING
A FRAMEWORK FOR SOFTWARE-AS-A-SERVICE SELECTION AND PROVISIONING
 
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2016
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2016Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2016
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2016
 
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017
 
Rfp cis implementation v3
Rfp cis implementation v3Rfp cis implementation v3
Rfp cis implementation v3
 
Cloud sla
Cloud slaCloud sla
Cloud sla
 
Cloud Armor: An Overview of Trusty Supporting Reputation based Management for...
Cloud Armor: An Overview of Trusty Supporting Reputation based Management for...Cloud Armor: An Overview of Trusty Supporting Reputation based Management for...
Cloud Armor: An Overview of Trusty Supporting Reputation based Management for...
 
OEM - запчасти на проводе
OEM - запчасти на проводеOEM - запчасти на проводе
OEM - запчасти на проводе
 
Five Priorities for Quality Engineering When Taking Banking to the Cloud
Five Priorities for Quality Engineering When Taking Banking to the CloudFive Priorities for Quality Engineering When Taking Banking to the Cloud
Five Priorities for Quality Engineering When Taking Banking to the Cloud
 

More from accacloud

More from accacloud (19)

Data Privacy in the Cloud.pdf
Data Privacy in the Cloud.pdfData Privacy in the Cloud.pdf
Data Privacy in the Cloud.pdf
 
ACCA Concept Note on The Role of the Cloud in Meeting Sustainable Development...
ACCA Concept Note on The Role of the Cloud in Meeting Sustainable Development...ACCA Concept Note on The Role of the Cloud in Meeting Sustainable Development...
ACCA Concept Note on The Role of the Cloud in Meeting Sustainable Development...
 
Asia Cloud Computing Association's Financial Services in the Cloud Report 202...
Asia Cloud Computing Association's Financial Services in the Cloud Report 202...Asia Cloud Computing Association's Financial Services in the Cloud Report 202...
Asia Cloud Computing Association's Financial Services in the Cloud Report 202...
 
ACCA Better on the Cloud: Financial Services in Asia Pacific 2021
ACCA Better on the Cloud:  Financial Services in Asia Pacific 2021ACCA Better on the Cloud:  Financial Services in Asia Pacific 2021
ACCA Better on the Cloud: Financial Services in Asia Pacific 2021
 
Cloud Readiness Index 2016 - Japanese version クラウド推進普及状況
Cloud Readiness Index 2016 - Japanese version クラウド推進普及状況Cloud Readiness Index 2016 - Japanese version クラウド推進普及状況
Cloud Readiness Index 2016 - Japanese version クラウド推進普及状況
 
From Vision to Procurement: Principles for Adopting Cloud Computing in the Pu...
From Vision to Procurement: Principles for Adopting Cloud Computing in the Pu...From Vision to Procurement: Principles for Adopting Cloud Computing in the Pu...
From Vision to Procurement: Principles for Adopting Cloud Computing in the Pu...
 
Regulating for a Digital Economy: Understanding the Importance of Cross-Borde...
Regulating for a Digital Economy: Understanding the Importance of Cross-Borde...Regulating for a Digital Economy: Understanding the Importance of Cross-Borde...
Regulating for a Digital Economy: Understanding the Importance of Cross-Borde...
 
Data Analytics to Bridge Knowledge Gaps 2016 - An ACCA White Paper on Supply ...
Data Analytics to Bridge Knowledge Gaps 2016 - An ACCA White Paper on Supply ...Data Analytics to Bridge Knowledge Gaps 2016 - An ACCA White Paper on Supply ...
Data Analytics to Bridge Knowledge Gaps 2016 - An ACCA White Paper on Supply ...
 
2015 How important is Cloud Computing for building Crowd Networks? Crowdsourc...
2015 How important is Cloud Computing for building Crowd Networks? Crowdsourc...2015 How important is Cloud Computing for building Crowd Networks? Crowdsourc...
2015 How important is Cloud Computing for building Crowd Networks? Crowdsourc...
 
Cloud Readiness Index 2016 by the Asia Cloud Computing Association
Cloud Readiness Index 2016 by the Asia Cloud Computing AssociationCloud Readiness Index 2016 by the Asia Cloud Computing Association
Cloud Readiness Index 2016 by the Asia Cloud Computing Association
 
SMEs in Asia Pacific: The Market for Cloud Computing - Case Studies of 14 mar...
SMEs in Asia Pacific: The Market for Cloud Computing - Case Studies of 14 mar...SMEs in Asia Pacific: The Market for Cloud Computing - Case Studies of 14 mar...
SMEs in Asia Pacific: The Market for Cloud Computing - Case Studies of 14 mar...
 
Safe Cloud Principles for the FSI Industry 2014, endorsed by the Asia Cloud C...
Safe Cloud Principles for the FSI Industry 2014, endorsed by the Asia Cloud C...Safe Cloud Principles for the FSI Industry 2014, endorsed by the Asia Cloud C...
Safe Cloud Principles for the FSI Industry 2014, endorsed by the Asia Cloud C...
 
Report on Cloud Data Regulations 2014: A contribution on how to reduce the co...
Report on Cloud Data Regulations 2014: A contribution on how to reduce the co...Report on Cloud Data Regulations 2014: A contribution on how to reduce the co...
Report on Cloud Data Regulations 2014: A contribution on how to reduce the co...
 
Cloud Readiness Index 2012 by the Asia Cloud Computing Association
Cloud Readiness Index 2012 by the Asia Cloud Computing AssociationCloud Readiness Index 2012 by the Asia Cloud Computing Association
Cloud Readiness Index 2012 by the Asia Cloud Computing Association
 
Cloud Readiness Index 2011 by the Asia Cloud Computing Association
Cloud Readiness Index 2011 by the Asia Cloud Computing AssociationCloud Readiness Index 2011 by the Asia Cloud Computing Association
Cloud Readiness Index 2011 by the Asia Cloud Computing Association
 
2011 The Cloud Map by the Asia Cloud Computing Association
2011 The Cloud Map by the Asia Cloud Computing Association2011 The Cloud Map by the Asia Cloud Computing Association
2011 The Cloud Map by the Asia Cloud Computing Association
 
28 Feb 2012 - Asia Opportunity, by Mark Ross [Questex Asia, Hong Kong]
28 Feb 2012 - Asia Opportunity, by Mark Ross [Questex Asia, Hong Kong]28 Feb 2012 - Asia Opportunity, by Mark Ross [Questex Asia, Hong Kong]
28 Feb 2012 - Asia Opportunity, by Mark Ross [Questex Asia, Hong Kong]
 
2011 ACCA Cloud Readiness Index
2011 ACCA Cloud Readiness Index2011 ACCA Cloud Readiness Index
2011 ACCA Cloud Readiness Index
 
2014 Managing Cloud: A New Multidisciplinary Paradigm for Policymakers
2014 Managing Cloud: A New Multidisciplinary Paradigm for Policymakers2014 Managing Cloud: A New Multidisciplinary Paradigm for Policymakers
2014 Managing Cloud: A New Multidisciplinary Paradigm for Policymakers
 

Recently uploaded

VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...
VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...
VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...
dipikadinghjn ( Why You Choose Us? ) Escorts
 
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
dipikadinghjn ( Why You Choose Us? ) Escorts
 
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
dipikadinghjn ( Why You Choose Us? ) Escorts
 
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
dipikadinghjn ( Why You Choose Us? ) Escorts
 

Recently uploaded (20)

Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated  Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...Top Rated  Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
 
VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...
VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...
VIP Call Girl in Mumbai Central 💧 9920725232 ( Call Me ) Get A New Crush Ever...
 
Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...
Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...
Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...
 
Top Rated Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated  Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated  Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
Business Principles, Tools, and Techniques in Participating in Various Types...
Business Principles, Tools, and Techniques  in Participating in Various Types...Business Principles, Tools, and Techniques  in Participating in Various Types...
Business Principles, Tools, and Techniques in Participating in Various Types...
 
8377087607, Door Step Call Girls In Kalkaji (Locanto) 24/7 Available
8377087607, Door Step Call Girls In Kalkaji (Locanto) 24/7 Available8377087607, Door Step Call Girls In Kalkaji (Locanto) 24/7 Available
8377087607, Door Step Call Girls In Kalkaji (Locanto) 24/7 Available
 
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
 
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Wadgaon Sheri  6297143586 Call Hot Ind...Booking open Available Pune Call Girls Wadgaon Sheri  6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Wadgaon Sheri 6297143586 Call Hot Ind...
 
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Shivane  6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Shivane  6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...
 
Kopar Khairane Russian Call Girls Number-9833754194-Navi Mumbai Fantastic Unl...
Kopar Khairane Russian Call Girls Number-9833754194-Navi Mumbai Fantastic Unl...Kopar Khairane Russian Call Girls Number-9833754194-Navi Mumbai Fantastic Unl...
Kopar Khairane Russian Call Girls Number-9833754194-Navi Mumbai Fantastic Unl...
 
W.D. Gann Theory Complete Information.pdf
W.D. Gann Theory Complete Information.pdfW.D. Gann Theory Complete Information.pdf
W.D. Gann Theory Complete Information.pdf
 
Webinar on E-Invoicing for Fintech Belgium
Webinar on E-Invoicing for Fintech BelgiumWebinar on E-Invoicing for Fintech Belgium
Webinar on E-Invoicing for Fintech Belgium
 
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
 
Call Girls Rajgurunagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Rajgurunagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Rajgurunagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Rajgurunagar Call Me 7737669865 Budget Friendly No Advance Booking
 
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
Navi Mumbai Cooperetive Housewife Call Girls-9833754194-Natural Panvel Enjoye...
 
Call Girls Service Pune ₹7.5k Pick Up & Drop With Cash Payment 9352852248 Cal...
Call Girls Service Pune ₹7.5k Pick Up & Drop With Cash Payment 9352852248 Cal...Call Girls Service Pune ₹7.5k Pick Up & Drop With Cash Payment 9352852248 Cal...
Call Girls Service Pune ₹7.5k Pick Up & Drop With Cash Payment 9352852248 Cal...
 
Kharghar Blowjob Housewife Call Girls NUmber-9833754194-CBD Belapur Internati...
Kharghar Blowjob Housewife Call Girls NUmber-9833754194-CBD Belapur Internati...Kharghar Blowjob Housewife Call Girls NUmber-9833754194-CBD Belapur Internati...
Kharghar Blowjob Housewife Call Girls NUmber-9833754194-CBD Belapur Internati...
 
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
 
7 tips trading Deriv Accumulator Options
7 tips trading Deriv Accumulator Options7 tips trading Deriv Accumulator Options
7 tips trading Deriv Accumulator Options
 
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...
 

Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring Services Exposure Draft

  • 1. Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring Services Exposure Draft | Sep 2020 | Page 1 of 3 Pengarah Jabatan Pemantauan Pembayaran Bank Negara Malaysia Jalan Dato' Onn 50480 Kuala Lumpur Submitted via email to pdpolicy@bnm.gov.my 1 September 2020 Dear Sir/Madam, Re: Asia Cloud Computing Association’s (ACCA) Response to the Merchant Acquiring Services Exposure Draft The ACCA appreciates the efforts of Bank Negara Malaysia (BNM) to clarify regulations for Merchant Acquiring Services to account for technological change. As financial institutions increasingly shift to digital environments, particularly due to challenges brought on by the COVID-19 pandemic, we believe that clear and enabling regulations for technology use such as cloud computing are key to helping meet customer needs while ensuring proper protections are in place. As the apex industry association for Asia Pacific stakeholders in the cloud computing ecosystem, the ACCA represents a vendor-neutral voice of the private sector to government and other stakeholders. The ACCA’s mission to accelerate the adoption of cloud computing throughout Asia Pacific by helping to create a trusted and compelling market environment, and a safe and consistent regulatory environment for cloud computing products and services. We are committed to strengthening digital resilience, and to the development of a safe and secure ecosystem where data is protected by the best technology and regulatory frameworks, in support of a better world for all. Following discussions with our member companies, we are submitting the following comments to the Merchant Acquiring Services Exposure Draft. Should you have any questions on our comments, I would be pleased to arrange for a videoconference discussion with our members. Thank you, and I look forward to hearing from you on the issues raised. Yours sincerely, Lim May-Ann Executive Director Asia Cloud Computing Association mayann@asiacloudcomputing.org
The ACCA thanks Bank Negara Malaysia (BNM) for the opportunity to submit feedback on the Merchant Acquiring Services Exposure Draft (the “Exposure Draft”).

1. General Comments

a. As a general comment, we would like to encourage consistency between the Merchant Acquiring Services Exposure Draft and the current BNM Outsourcing Guidelines to help avoid confusion.

b. In addition, we would also like to suggest a consultation on operational issues related to Risk Management in Technology (RMiT) to align regulatory expectations with current international best practices.

2. Comments on Section 16.5(c)

This provision stipulates that as part of their outsourcing agreements, acquirers must have provisions for on-site inspection of service providers, which would include cloud service providers (CSPs).

a. The ACCA would like to highlight that for CSPs, requiring on-site customer access poses a security risk due to the multi-tenanted environment of the public cloud model. Physical access rights would allow acquirers to access the same physical environment used by many other companies, and also presents potential for property damage or personal injury.

b. In addition, such access rights also conflict with international security best practices and standards for public cloud.

c. We would also like to note that this audit right also runs counter to BNM’s Outsourcing Guidelines (the “Outsourcing Guidelines”), which recognize alternative means of exercising audits and inspections of CSPs, such as relying on third party audit reports (Section 11.3 of the Outsourcing Guidelines).

d. Recommendation: To align with the Outsourcing Guidelines, we suggest that BNM revise Section 16.5(c) to explicitly state that service providers can provide regular audit reports certifying that they are compliant with global security standards. We therefore recommend that this section be amended per the below, which is substantively the same as the Outsourcing Guidelines:

“The acquirer may rely on third party certifications and reports made available by a cloud service provider to exercise its access rights under this section, provided such reliance is supported by an adequate understanding and review of the scope of the audit and methods employed by the third party, and access to the third party and service provider to clarify matters relating to the audit.”
3. Comments on Section 16.6

a. This section contains a requirement for outsourced parties such as CSPs to provide a written undertaking to comply with additional privacy requirements set by BNM, which is not compatible with the shared responsibility framework under which CSPs operate. In this framework, CSPs work in tandem with customers, such as acquirers, to assure data security, privacy, and reliability. Customers maintain governance over the entire IT control environment and retain full control and ownership over data and other content when using a CSP’s services. The customer is also responsible for determining the levels of security they wish to adopt for data storage and processing. When a customer retains control of security processes to protect their own content, applications, systems and networks, the level of oversight and control that they exercise is no different from applications run by an entity in an on-site data centre.

The ACCA highlights that the CSP does not have access to customer data nor does it have visibility over the content of customer data. The CSP also does not have any control over the security controls that the customer has chosen to apply to that content. Any proposal to extend the visibility of CSPs to customer data handling would breach security and privacy best practices, and invalidate multiple security certifications.

b. This stipulation for an undertaking is also not contained in the Outsourcing Guidelines, which have provisions to ensure that CSPs maintain confidentiality.

c. Recommendation: We recommend amending Section 16.6, as shown below:

“In addition to the requirements in paragraph 16.5(b), where the outsourced party will have access to documents or information relating to the affairs or account of any customer of the acquirer, the acquirer shall ensure that the outsourced party has appropriate controls to safeguard the security, confidentiality and integrity of any information shared with the Outsourced Party. The acquirer shall also ensure that the service provider is bound by adequate confidentiality provisions stipulated under the outsourcing agreement.”

4. Comments on Section 16.8

a. As the extent to which service providers may use subcontractors and the roles of subcontractors can vary greatly, the requirement for acquirers to implement controls for subcontractors to comply with all relevant regulatory requirements may be interpreted as overly prescriptive and may not be feasible for hyperscale CSPs.

b. However, adequate controls should be put in place for subcontractors that correspond to the subcontractor’s role in the delivery of services to the acquirer. As Section 9.6 of the Outsourcing Guidelines recognizes, the key issue with subcontracting is to ensure that service providers do not diminish the ultimate responsibility of the primary service provider.

c. Recommendation: We recommend that Section 16.8 be amended as shown below:

“The requirement in paragraph 16.7 is also applicable when an outsourced party engages a subcontractor to undertake the activities that were outsourced by the acquirer, whereby the acquirer shall implement proper controls to ensure the accountability of the primary outsourced party over the performance and conduct of the subcontractor in relation to the outsourcing arrangement. that the subcontractor complies with the relevant requirements based on standards issued by the Bank to acquirers from time to time.”