From 13 July 2026, four major global cloud and technology providers are designated Critical Third Parties, allowing the Bank of England, PRA and FCA to jointly oversee the critical services they supply to UK financial firms.
The United Kingdom has begun directly overseeing major cloud and technology providers that supply critical services to the financial sector, with four firms formally designated as Critical Third Parties from 13 July 2026. The designations, announced by HM Treasury, allow the Bank of England, the Prudential Regulation Authority and the Financial Conduct Authority to jointly supervise the critical services these providers deliver to banks, insurers and other regulated firms. The regime is aimed at ensuring those services remain resilient and can recover quickly from operational disruption, reflecting how deeply financial institutions now depend on a small number of cloud and infrastructure suppliers. Economic Secretary to the Treasury and City Minister Rachel Blake said maintaining trust in the financial system is essential to the UK's standing as a leading financial centre, and that the designations would help protect consumers and businesses while supporting growth. Importantly, financial firms remain responsible for managing risks arising from their own third-party suppliers, including due diligence, risk management and contingency planning; the new regime complements rather than replaces existing outsourcing and operational resilience rules. Each designated provider has committed to complying with the oversight requirements.
Key Points
- 1Four major cloud and technology providers were designated Critical Third Parties from 13 July 2026.
- 2The Bank of England, PRA and FCA will jointly oversee their critical services to the financial sector.
- 3The regime focuses on resilience and rapid recovery from operational disruptions.
- 4Financial firms remain responsible for their own third-party risk management and contingency planning.
Why This Matters
A single cloud outage can knock out payments, banking apps and insurance claims systems for millions of customers, so direct regulatory oversight of these providers is designed to reduce systemic disruption risk.
Related Stories
FCA Publishes Landmark Review Into the Impact of AI on Retail Financial Services
July 14, 2026
Bank of England Warns Rapid AI Advances Are Raising Financial Stability Risks
July 13, 2026
Hormuz War-Risk Insurance Rates Climb Again After Fresh Attacks on Vessels
July 13, 2026
APRA Opens Consultation on Prudential Changes Affecting Australian Banks and Insurers
July 13, 2026
Daily Intelligence
The PolicyGlobal Daily Brief
Get the top 5 insurance and finance stories every morning, curated and verified by our editorial desk. No spam. Unsubscribe anytime.
Informational newsletter only. Not financial advice. Disclaimer