GRC, Legal Expert Advocates For Continuous Enhancement Of Governance Frameworks in Cloud Technology Adoption
The Nigerian financial institutions and Fintechs have been urged to regularly review their governance frameworks to ensure its relevance and effectiveness in the evolving cloud environment. .
This call was made by Mr. Gbenga Haastrup, at a discussion forum at the just concluded Regtech Africa Conference 2023 held on May 24-25, 2023 in Lagos, with the theme Elevating National Policy on Financial Inclusion, Consumer Protection and Cyber Security.
He stated that implementing effective governance for cloud computing initiatives is an ongoing process that requires continuous monitoring, evaluation, and adaptation and that financial institutions need to collaborate with stakeholders, seek feedback, and make adjustments as needed to optimize the governance practices for cloud computing initiatives.
Whilst commending regulators like the Central Bank of Nigeria (CBN) and the National Information Technology Development Agency (NITDA) for issuing regulations including the Risk Based Cybersecurity Framework and Guidelines for DMBs/PSPs (in 2018) and OFIs (in 2022) and the Nigeria Data Protection Regulation 2019 (NDPR) respectively, which have strengthened the ecosystem, he urged the regulators to also continually update and improve regulations and compliance efforts to cater for emerging risks and threats as cybercriminals are constantly upping their skill levels and the regulatory and compliance effort would also need to evolve proactively and accordingly to be effective.
Mr Haastrup, who is a leading lawyer and one of the pioneer legal and compliance thought leaders in Nigeria’s Fintech industry, also advised that as financial institutions and Fintechs increasingly adopt cloud technology, they should develop and implement well-defined cloud strategies that align with their corporate objectives and prioritize investing in robust security and compliance measures as data and cybersecurity breaches come with heavy financial losses, fines and reputational damage.
Other speakers at the cyber security session which was moderated by Mrs Adedoyin Odunfa (MD, Digital Jewels) were Mr. Femi Jaiyeola (CCO of Access Bank) and Mr. Samuel Asiyanbola (of PWC), all concurred that cloud technology is the way to go for Financial Institutions because of its attendant advantages in today’s technological landscape, and urged banks and other businesses that have or intend to adopt cloud technology to ensure that their legal and technical teams do detailed due diligence and evaluation of the cloud service providers and the terms of engagement so as to get the best and also adequately protect themselves.