Financial Crime World

Here is the rewritten article in Markdown format:

Compliance Regulations for Banks in the Philippines: A Regulatory Overview

MANILA, PHILIPPINES - Financial institutions in the Philippines are permitted to use cloud services, but only if they comply with applicable legal and regulatory requirements. The Bangko Sentral ng Pilipinas (BSP), the country’s financial supervisory authority, regulates banks, finance companies, and non-bank financial institutions performing quasi-banking functions.

Regulatory Requirements

Financial institutions using Amazon Web Services (AWS) in the Philippines must adhere to a range of regulations and guidelines issued by BSP, including:

  • Manual for Regulations for Banks
  • Manual of Regulations for Non-Bank Financial Institutions
  • BSP Circular No. 808 - Guidelines on Information Technology Risk Management for All Banks and Other BSP Supervised Institutions
  • Enhanced Guidelines on Information Security Management

These regulatory requirements cover various areas, such as:

  • Due diligence
  • Risk management
  • Business continuity
  • Monitoring and oversight

Constant Evolution

Regulations are constantly evolving in this space, and AWS is working closely with customers to help them proactively respond to new rules and guidelines. The company encourages financial institutions to obtain appropriate advice on compliance with all regulatory and legal requirements relevant to their business and local laws.

Compliance Framework

AWS has established a strong compliance framework and advanced tools and security measures that financial institutions can use to evaluate, meet, and demonstrate compliance with applicable legal and regulatory requirements.

Data Privacy and Protection

Data privacy and protection considerations are also critical for financial institutions using AWS in the Philippines. The country’s Data Privacy Act 2012 and its Implementing Rules and Regulations must be taken into account, as well as EU General Data Protection Regulation (GDPR) requirements if customers process or plan to process personal data of data subjects in the European Union.

Assessing Compliance Needs

To better understand their compliance needs, financial institutions using AWS can consider:

  • The purpose of their workload
  • Assess criticality according to local requirements
  • Review the AWS Shared Responsibility Model
  • Map responsibilities for each AWS service used

Customers can also access AWS Artifact to obtain audit reports and conduct their assessment of control responsibilities.

Contact Information

For further information on how AWS services can support security and compliance needs, financial institutions can contact their account representative or reach out to AWS directly.