Here is the rewritten article in Markdown format:

Financial Institution Compliance Requirements in Romania

In a bid to ensure that financial institutions in Romania operate within the bounds of applicable legal and regulatory requirements, Amazon Web Services (AWS) has committed to offering advanced tools and security measures that enable them to evaluate, meet, and demonstrate compliance with these requirements.

Regulatory Bodies in Romania

The National Bank of Romania (NBR) supervises credit institutions to protect depositors’ interests and ensure a sound and viable banking sector. The Financial Supervisory Authority (ASF), on the other hand, oversees securities markets, brokers, fund managers, payment service providers, investment firms, pension funds, insurance, and reinsurance companies to promote market stability, competitiveness, and proper operation.

Compliance Requirements for Financial Institutions in Romania

Financial institutions in Romania using AWS services may be subject to various legal and regulatory requirements. For instance:

• The European Banking Authority (EBA) Guidelines on outsourcing arrangements issued in 2019 apply to EU-regulated credit institutions, investment firms, electronic money institutions, and payment institutions.
• Local regulations, guidelines, and laws in Romania may also apply when financial institutions use cloud services, including:
  • NBR Regulation No. 5/2013 on prudential requirements for credit institutions
  • NBR Regulation No. 5/2014 supplementing NRB Regulation No. 5/2013

Staying Ahead of Changing Regulations

To stay ahead of changing regulations, AWS is working closely with customers to help them proactively respond to new rules and guidelines. The company encourages financial institutions in Romania to seek appropriate advice on compliance with relevant regulatory and legal requirements.

Key Considerations for Financial Institutions Using AWS

Financial institutions in Romania are permitted to use cloud services as long as they comply with applicable legal and regulatory requirements. Key considerations include:

• Data privacy and protection, particularly in light of the General Data Protection Regulation (GDPR)
• Understanding compliance needs by considering the purpose of their workloads, assessing materiality or criticality, reviewing the AWS Shared Responsibility Model, and mapping responsibilities according to each service used

Additional Resources

For financial institutions in Romania, additional resources include:

• AWS Compliance Quick Reference Guide
• Implications of the Code of Conduct for Cloud Infrastructure Service Providers in Europe
• Navigating GDPR Compliance on AWS
• Using AWS in the Context of Common Privacy and Data Protection Considerations

Disclaimer

This document is provided for informational purposes only and does not create any warranties, representations, contractual commitments, conditions or assurances from AWS.