Service Navigation



The term “Cloud” signifies a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.1

“Cloud” gets distinguished into three layers referring to the services provided:

  1. Infrastructure as a Service (IaaS): the provision of storage space
  2. Platform as a Service (PaaS): the provision of services, for example data bases
  3. Software as a Service (SaaS): the provision of entire programmes over the network like applications 

While in everyday life, most persons use the cloud to stream music and videos or save documents and pictures online, in the financial sector, it is used by companies for enterprise applications and to boost technical innovations.


The opportunities offered by the Cloud are at hand. It offers the possibility of a rapid modernisation of companies incorporating new technology quickly as well as state-of the art security.

One of the cloud projects DBG pursues is the multi-vendor strategy for cloud usage together with its’ partners. This strategy offers the possibility to leverage each providers’ strength and avoid dependencies from single partner set-up. 

Regulatory initiatives

Many countries as well as institutions, like the European Commission, European Securities and Markets Authority (ESMA) and the International Organisation of Securities Commissions (IOSCO) started regulatory initiatives to provide more certainty surrounding the use of Cloud technology and DBG is closely monitoring the on-going developments and actively participates in consultations.

1 National Institute of Standards and Technology, 2011. ‘Computer Security’ can be accessed here.

Proposed Regulation for Digital Operational Resilience Act (DORA)

Proposed by the European Commission as part of the Digital Finance Package, this regulation sets out an EU framework for the digital operational resilience of financial entities in the Union, including cloud service providers. 

Collaborative Cloud Audit Group (CCAG)

This initiative by Deutsche Börse Group in cooperation with cloud providers is currently used together with other users underlying the same regulatory provisions.

Deutsche Börse Group’s Multi Vendor Cloud Strategy

In order to leverage the individual strengths of different cloud providers, DBG has contracts with Microsoft, SAP and Google for the use of their respective cloud services. 

ESMA Consultation on the Draft Guidelines on Outsourcing to Cloud Service Providers

The draft guidelines are intended to help firms outsourcing parts of their IT to Cloud providers in identifying and assessing the risk arising from that.

European Commission on ‘Cloud Computing’

The European Commission gives an overview of how cloud technology can help Europe to grow and gives overview over EU initiatives and projects in this sector.

IOSCO consultation on outsourcing principles

IOSCO is consulting on the identified principles by the organisation for outsourcing parts of the business in the Cloud.