{"id":3780,"date":"2018-05-23T09:38:14","date_gmt":"2018-05-23T09:38:14","guid":{"rendered":"http:\/\/www.futuresandoptions.gr\/en\/?p=3780"},"modified":"2018-05-23T09:38:14","modified_gmt":"2018-05-23T09:38:14","slug":"bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor","status":"publish","type":"post","link":"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/","title":{"rendered":"BaFin on Cloud computing: Compliance with the supervisory requirements regarding rights of information and audit and ability to monitor"},"content":{"rendered":"

Within the framework of increasing digitalisation, supervisors must attach considerable importance to new\u00a0IT<\/abbr>\u00a0technologies such as cloud computing. In this context, it is important that in particular supervised entities in the financial sector, in addition to supervisors, have an understanding of the relevant technical innovations so that they can assess the impact of these technologies on business models, capital adequacy and authorisation requirements. This is the only way to ensure that the specific risks involved in the use of new\u00a0IT<\/abbr>-based developments are given appropriate consideration in supervisory and regulatory practice.<\/p>\n

\"\"<\/a>Cloud computing<\/h2>\n

With cloud computing, IT resources are operated by an external service provider rather than within a company. Cloud services are usually operated via a web-based system that is used dynamically. This provides users with an opportunity to save costs and make use of the external service provider’s technical expertise, generating increased interest in cloud computing solutions among companies.<\/p>\n

Regulatory framework<\/h2>\n

If supervised entities choose to use cloud computing, they must comply with the relevant supervisory requirements for outsourcing.<\/p>\n

The first step towards specification of the regulatory framework for cloud computing was publication of the circular “Supervisory Requirements for\u00a0IT<\/abbr>\u00a0in\u00a0Financial<\/span>\u00a0Institutions” (Bankaufsichtliche Anforderungen an die\u00a0IT<\/abbr>\u00a0\u2013\u00a0BAIT<\/abbr>) (see BaFinJournal\u00a0November 2017\u00a0and\u00a0January 2018\u00a0(only available in German)). The\u00a0BAIT<\/abbr>\u00a0specify that\u00a0AT<\/abbr>\u00a09 of the Minimum Requirements for\u00a0Risk Management<\/span>\u00a0(Mindestanforderungen an das Risikomanagement \u2013\u00a0MaRisk<\/abbr>\u00a0(only available in German)) also applies to the use of cloud services where this constitutes outsourcing of\u00a0IT<\/abbr>\u00a0services. This means that supervised entities must comply with the supervisory requirements for outsourcing pursuant to section 25b of the German\u00a0Banking<\/span>Act<\/span>\u00a0(Kreditwesengesetz \u2013\u00a0KWG<\/abbr>\u00a0(only available in German)) in conjunction with\u00a0AT<\/abbr>\u00a09 of the\u00a0MaRisk<\/abbr>\u00a0to the extent necessary in each individual case.<\/p>\n

In the coming months,\u00a0BaFin<\/abbr>\u00a0will also publish a circular specifying its expectations towards insurance undertakings and pension funds. The Insurance Supervisory Requirements for\u00a0IT<\/abbr>(Versicherungsaufsichtlichen Anforderungen an die\u00a0IT<\/abbr>\u00a0\u2013 VAIT) (only available in German) are currently the subject of a public\u00a0consultation<\/a>\u00a0(see Expert article “IT<\/abbr>\u00a0security<\/span>:\u00a0BaFin<\/abbr>specifies\u00a0IT<\/abbr>\u00a0requirements for the insurance sector”). Like the\u00a0BAIT<\/abbr>, this circular specifies that insurance undertakings must comply with the relevant applicable supervisory requirements for outsourcing when using cloud services.<\/p>\n

BaFin<\/abbr>\u00a0will also evaluate the extent to which changes are needed to the existing supervisory requirements for outsourcing.<\/p>\n

Planned\u00a0guidance<\/span><\/h2>\n

BaFin<\/abbr>\u00a0also plans to publish special\u00a0guidance<\/span>\u00a0on the topic over the course of this year, particularly in\u00a0light<\/span>\u00a0of discussions held with supervised entities, which have emphasised the need for a supervisory assessment of cloud computing. The\u00a0guidance<\/span>\u00a0will provide the market with detailed information regarding the supervisory requirements related to the use of cloud services. With this additional step,\u00a0BaFin<\/abbr>\u00a0intends to give companies greater certainty in applying the requirements under supervisory law.<\/p>\n

Ahead of the publication of the\u00a0guidance<\/span>, this article addresses some key aspects of\u00a0compliance<\/span>\u00a0with BaFin’s unrestricted rights of information and audit and abilities to monitor in addition to the unrestricted rights of information and audit of the supervised entities.<\/p>\n

Requirements under supervisory law<\/h2>\n

Supervised entities that intend to use cloud services must assess in advance the extent to which\u00a0compliance<\/span>\u00a0with the supervisory requirements for outsourcing is required.<\/p>\n

If this assessment reveals that, in terms of risk, the planned outsourcing constitutes material outsourced activities and processes, then the credit institutions must comply with sections 25a and 25b of the\u00a0KWG<\/abbr>\u00a0in conjunction with\u00a0AT<\/abbr>\u00a09 number 7 and 8 of the\u00a0MaRisk<\/abbr>\u00a0in the contractual arrangements. In such cases, insurance undertakings must comply with\u00a0Article<\/span>274(3) to (5) of the\u00a0Delegated<\/span>\u00a0Regulation<\/a>\u00a0on\u00a0Solvency<\/span>\u00a0II, section 32 of the German Insurance Supervision\u00a0Act<\/span>\u00a0(Versicherungsaufsichtsgesetz \u2013\u00a0VAG<\/abbr>\u00a0(only available in German)) and\u00a0margin<\/span>\u00a0no.<\/abbr>\u00a0237 et seq. of the Minimum Requirements under Supervisory Law on the System of\u00a0Governance<\/span>\u00a0of Insurance Undertakings (Mindestanforderungen an die Gesch\u00e4ftsorganisation von Versicherungsunternehmen \u2013\u00a0MaGO, see BaFinJournal\u00a0February 2017\u00a0(only available in German)). These contain, in particular, regulations regarding suitable or unrestricted rights of information and audit.<\/p>\n

Unrestricted rights of information and audit<\/h2>\n

Some supervised entities have submitted to\u00a0BaFin<\/abbr>\u00a0drafts of outsourcing contracts involving the use of cloud services. These contracts related, for instance, to the use of computing power, storage and web applications.<\/p>\n

The drafts submitted clearly show that in particular the rights of information and audit of\u00a0BaFin<\/abbr>\u00a0and of the supervised entities have\u00a0not<\/span>\u00a0been fully implemented in the contractual arrangements. However, it is particularly important that these rights are incorporated into the contracts since many providers of cloud solutions currently active on the financial market are domiciled in states\u00a0outside<\/span>\u00a0of the European Union and European Economic Area. Even German providers of cloud services are\u00a0not<\/span>\u00a0subject to BaFin’s supervision, meaning the supervisory laws are\u00a0not<\/span>\u00a0directly applicable to them. It is therefore only possible to enforce the supervisory provisions on the basis of corresponding contractual rights.<\/p>\n

Rights of information and audit of credit institutions<\/h2>\n

Ensuring unrestricted rights of information and audit\u00a0vis-\u00e0-vis<\/span>\u00a0cloud\u00a0service<\/span>\u00a0providers through contractual arrangements is of key importance, particularly with regard to the\u00a0IT\u00a0<\/abbr>security<\/span>\u00a0of institutions.<\/p>\n

Outsourced activities and processes that are\u00a0not<\/span>\u00a0regarded as material in terms of risk are subject to the general requirements relating to a proper business organisation pursuant to section 25a (1) of the\u00a0KWG<\/abbr>\u00a0(see\u00a0AT<\/abbr>\u00a09 number 3 of the\u00a0MaRisk<\/abbr>). If the outsourced cloud services are regarded as material outsourced activities and processes, then the outsourcing agreement must grant both the internal audit function and external auditors appropriate and unrestricted rights of information and audit (AT<\/abbr>\u00a04.4.3 number 7 of the\u00a0MaRisk<\/abbr>). Only through unrestricted access to the cloud providers, for example to their business premises, data centres, servers and employees, can supervised entities properly exercise their rights of information and audit. On-site inspections in particular are therefore indispensable.<\/p>\n

No restriction of rights<\/h2>\n

The effective exercise of the rights of information and audit should\u00a0not<\/span>\u00a0be impeded or limited by contractual arrangements. Phased information and audit procedures constitute such a restriction and do\u00a0not<\/span>\u00a0comply with the requirements of the\u00a0MaRisk<\/abbr>\u00a0or the recommendations of the\u00a0European Banking Authority<\/span>\u00a0(EBA<\/abbr>). If performing the audit is made dependent on the concept of commercial reasonableness, then this is also generally regarded as a restriction. In addition, a contractual obligation to first rely on standardised audit reports made available by the cloud providers also constitutes an impermissible restriction of the rights of information and audit.<\/p>\n

The use of\u00a0management<\/span>\u00a0consoles may be suitable for certain controls, such as for monitoring\u00a0compliance<\/span>\u00a0with\u00a0service<\/span>\u00a0level agreements in ongoing operations. However, it cannot replace audits by the internal audit function, since\u00a0management<\/span>\u00a0consoles only allow access to information made available by the cloud provider. The internal audit functions of institutions, however, must be able to obtain additional information that is necessary for the audit.<\/p>\n

Simplifications<\/h2>\n

In the case of material outsourced activities and processes,\u00a0BaFin<\/abbr>\u00a0also accepts pooled audits in accordance with\u00a0BT<\/abbr>\u00a02.1 number 3 of the\u00a0MaRisk<\/abbr>\u00a0in order to render audits more efficient both for institutions and also for cloud\u00a0service<\/span>\u00a0providers that work for several institutions. In such cases, the audit activity may be performed by the internal audit function of one or more of the outsourcing institutions or by a third party commissioned by these institutions provided that the audit activity complies with the requirements in\u00a0AT<\/abbr>\u00a04.4 and\u00a0BT<\/abbr>\u00a02 of the\u00a0MaRisk<\/abbr>.<\/p>\n

In addition, in accordance with\u00a0BT<\/abbr>\u00a02.1 number 3 of the\u00a0MaRisk<\/abbr>, an institution’s audits may be performed by the internal audit function of the cloud provider or the institution may commission third parties to perform audits, provided that the audit activity conducted by the other auditors complies with the requirements in\u00a0AT<\/abbr>\u00a04.4 and\u00a0BT<\/abbr>\u00a02 of the\u00a0MaRisk<\/abbr>.<\/p>\n

The outsourcing institution’s internal audit function must, however, regularly verify\u00a0compliance<\/span>\u00a0with the specified requirements. The audit findings that are relevant to the institution must be passed on to the internal audit function of the outsourcing institution.<\/p>\n

This also corresponds to the\u00a0EBA<\/abbr>\u00a0recommendations and decreases the organisational burden for both institutions and the cloud\u00a0service<\/span>\u00a0provider. Pooling the audit resources of institutions also addresses the concerns of cloud\u00a0service<\/span>\u00a0providers regarding “audit tourism”.<\/p>\n

Audit procedure<\/h2>\n

If an institution decides\u00a0not<\/span>\u00a0to perform the audit itself or\u00a0not<\/span>\u00a0to perform the audit alone, this must\u00a0not<\/span>\u00a0result in a restriction of the institution’s right of audit. The rights of information and audit of the internal audit function of the outsourcing institution must be granted in full through the outsourcing contract.<\/p>\n

Mere provision by the cloud\u00a0service<\/span>\u00a0provider of certifications or other evidence of\u00a0compliance<\/span>with recognised standards does\u00a0not<\/span>\u00a0satisfy the right of information and audit of the outsourcing institution. The outsourcing institution must have the opportunity to influence the scope of the information and audit. This corresponds to the\u00a0EBA<\/abbr>\u00a0recommendations, which specify corresponding requirements for access to the certifications and audit reports of the cloud\u00a0service<\/span>\u00a0provider.<\/p>\n

BaFin’s rights of information and audit and ability to monitor<\/h2>\n

In addition, the outsourcing contract must ensure BaFin’s unrestricted rights of information and audit and ability to monitor in relation to the outsourced activities and processes. In particular, BaFin’s audits must\u00a0not<\/span>\u00a0be dependent on whether they are commercially reasonable for the cloud\u00a0service<\/span>\u00a0provider.<\/p>\n

BaFin’s ability to monitor the cloud\u00a0service<\/span>\u00a0providers must be the same as its ability to supervise the supervised entities as provided for by law. This includes, in particular, the option to perform on-site inspections.<\/p>\n","protected":false},"excerpt":{"rendered":"

Within the framework of increasing digitalisation, supervisors must attach considerable importance to new\u00a0IT\u00a0technologies such as cloud computing. In this context, it is important that in particular supervised entities in the financial sector, in addition to […]<\/p>\n","protected":false},"author":2,"featured_media":3781,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[597,32],"tags":[865,864,867,685,868,866,644],"class_list":["post-3780","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-big-data-analytics","category-world","tag-bafin","tag-cloud-computing","tag-cloud-services","tag-financial-institutions","tag-it-security","tag-pension-funds","tag-risk-management"],"yoast_head":"\nBaFin on Cloud computing: Compliance with the supervisory requirements regarding rights of information and audit and ability to monitor - Futures and Options<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"BaFin on Cloud computing: Compliance with the supervisory requirements regarding rights of information and audit and ability to monitor - Futures and Options\" \/>\n<meta property=\"og:description\" content=\"Within the framework of increasing digitalisation, supervisors must attach considerable importance to new\u00a0IT\u00a0technologies such as cloud computing. In this context, it is important that in particular supervised entities in the financial sector, in addition to […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/\" \/>\n<meta property=\"og:site_name\" content=\"Futures and Options\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-23T09:38:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.futuresandoptions.gr\/en\/wp-content\/uploads\/2018\/05\/BaFin.png\" \/>\n\t<meta property=\"og:image:width\" content=\"115\" \/>\n\t<meta property=\"og:image:height\" content=\"66\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"pnik\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"pnik\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/\",\"url\":\"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/\",\"name\":\"BaFin on Cloud computing: Compliance with the supervisory requirements regarding rights of information and audit and ability to monitor - Futures and Options\",\"isPartOf\":{\"@id\":\"https:\/\/www.futuresandoptions.gr\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.futuresandoptions.gr\/en\/wp-content\/uploads\/2018\/05\/BaFin.png\",\"datePublished\":\"2018-05-23T09:38:14+00:00\",\"author\":{\"@id\":\"https:\/\/www.futuresandoptions.gr\/en\/#\/schema\/person\/e724181c2b6dddb5e6c826e406faac26\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/#primaryimage\",\"url\":\"https:\/\/www.futuresandoptions.gr\/en\/wp-content\/uploads\/2018\/05\/BaFin.png\",\"contentUrl\":\"https:\/\/www.futuresandoptions.gr\/en\/wp-content\/uploads\/2018\/05\/BaFin.png\",\"width\":115,\"height\":66},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.futuresandoptions.gr\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"BaFin on Cloud computing: Compliance with the supervisory requirements regarding rights of information and audit and ability to monitor\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.futuresandoptions.gr\/en\/#website\",\"url\":\"https:\/\/www.futuresandoptions.gr\/en\/\",\"name\":\"Futures and Options\",\"description\":\"Serving Intelligent Investors\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.futuresandoptions.gr\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.futuresandoptions.gr\/en\/#\/schema\/person\/e724181c2b6dddb5e6c826e406faac26\",\"name\":\"pnik\",\"url\":\"https:\/\/www.futuresandoptions.gr\/en\/author\/pnik\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"BaFin on Cloud computing: Compliance with the supervisory requirements regarding rights of information and audit and ability to monitor - Futures and Options","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/","og_locale":"en_US","og_type":"article","og_title":"BaFin on Cloud computing: Compliance with the supervisory requirements regarding rights of information and audit and ability to monitor - Futures and Options","og_description":"Within the framework of increasing digitalisation, supervisors must attach considerable importance to new\u00a0IT\u00a0technologies such as cloud computing. In this context, it is important that in particular supervised entities in the financial sector, in addition to […]","og_url":"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/","og_site_name":"Futures and Options","article_published_time":"2018-05-23T09:38:14+00:00","og_image":[{"width":115,"height":66,"url":"https:\/\/www.futuresandoptions.gr\/en\/wp-content\/uploads\/2018\/05\/BaFin.png","type":"image\/png"}],"author":"pnik","twitter_card":"summary_large_image","twitter_misc":{"Written by":"pnik","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/","url":"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/","name":"BaFin on Cloud computing: Compliance with the supervisory requirements regarding rights of information and audit and ability to monitor - Futures and Options","isPartOf":{"@id":"https:\/\/www.futuresandoptions.gr\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/#primaryimage"},"image":{"@id":"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/#primaryimage"},"thumbnailUrl":"https:\/\/www.futuresandoptions.gr\/en\/wp-content\/uploads\/2018\/05\/BaFin.png","datePublished":"2018-05-23T09:38:14+00:00","author":{"@id":"https:\/\/www.futuresandoptions.gr\/en\/#\/schema\/person\/e724181c2b6dddb5e6c826e406faac26"},"breadcrumb":{"@id":"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/#primaryimage","url":"https:\/\/www.futuresandoptions.gr\/en\/wp-content\/uploads\/2018\/05\/BaFin.png","contentUrl":"https:\/\/www.futuresandoptions.gr\/en\/wp-content\/uploads\/2018\/05\/BaFin.png","width":115,"height":66},{"@type":"BreadcrumbList","@id":"https:\/\/www.futuresandoptions.gr\/en\/bafin-on-cloud-computing-compliance-with-the-supervisory-requirements-regarding-rights-of-information-and-audit-and-ability-to-monitor\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.futuresandoptions.gr\/en\/"},{"@type":"ListItem","position":2,"name":"BaFin on Cloud computing: Compliance with the supervisory requirements regarding rights of information and audit and ability to monitor"}]},{"@type":"WebSite","@id":"https:\/\/www.futuresandoptions.gr\/en\/#website","url":"https:\/\/www.futuresandoptions.gr\/en\/","name":"Futures and Options","description":"Serving Intelligent Investors","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.futuresandoptions.gr\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.futuresandoptions.gr\/en\/#\/schema\/person\/e724181c2b6dddb5e6c826e406faac26","name":"pnik","url":"https:\/\/www.futuresandoptions.gr\/en\/author\/pnik\/"}]}},"_links":{"self":[{"href":"https:\/\/www.futuresandoptions.gr\/en\/wp-json\/wp\/v2\/posts\/3780","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.futuresandoptions.gr\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.futuresandoptions.gr\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.futuresandoptions.gr\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.futuresandoptions.gr\/en\/wp-json\/wp\/v2\/comments?post=3780"}],"version-history":[{"count":1,"href":"https:\/\/www.futuresandoptions.gr\/en\/wp-json\/wp\/v2\/posts\/3780\/revisions"}],"predecessor-version":[{"id":3783,"href":"https:\/\/www.futuresandoptions.gr\/en\/wp-json\/wp\/v2\/posts\/3780\/revisions\/3783"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.futuresandoptions.gr\/en\/wp-json\/wp\/v2\/media\/3781"}],"wp:attachment":[{"href":"https:\/\/www.futuresandoptions.gr\/en\/wp-json\/wp\/v2\/media?parent=3780"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.futuresandoptions.gr\/en\/wp-json\/wp\/v2\/categories?post=3780"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.futuresandoptions.gr\/en\/wp-json\/wp\/v2\/tags?post=3780"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}