Guide to Financial Services Regulations & Guidelines in Vietnam

Financial regulators in Vietnam mainly include:

● The State Bank of Vietnam (SBV): SBV is the central bank of Vietnam and is responsible for supervising financial service institutions, including state-owned banks, credit institutions, commercial (private) banks, foreign banks, financial leasing companies, foreign exchange companies, and non-bank financial institutions that provide intermediary payment services.

SBV has issued regulations and guidelines for financial institutions in Vietnam to comply with when they are using cloud services.

To standardize the use of cloud services by financial institutions, SBV has provided a framework for financial institutions in Vietnam when they are planning to use cloud services. The framework puts forward a series of requirements for due diligence, risk management, business continuity, and monitoring and oversight. The related regulatory requirements and guidelines include:

● SBV Circular No. 9/2020 Prescribing Information System Security in Banking Operations

The above framework covers a variety of contract and business areas, including due diligence, risk management, business continuity, and monitoring and oversight.

Regulations are changing rapidly in this space, and Huawei Cloud is working to help customers proactively respond to new rules and guidelines.

The financial regulatory requirements released by Vietnam are mainly about due diligence, risk management, business continuity, monitoring, and supervision when Vietnam financial institutions plan to use cloud services. Such regulatory requirements are customer-side requirements. Huawei Cloud will cooperate with our customers to provide corresponding capability support and compliance certificates. Huawei Cloud has released a series of compliance white papers to demonstrate its compliance framework, advanced tools, and security measures. Our customers can refer to these white papers.

Huawei Cloud has released compliance white papers, such as Huawei Cloud Security White Paper, Huawei Cloud Cyber Security and Privacy Protection FAQs, and Huawei Cloud Data Security White Paper. For more white papers, go to the resource center.

Financial institutions in Vietnam should also consider applicable privacy requirements while using Huawei Cloud. The Huawei Cloud Compliance with Vietnam Privacy Protection Regulations document provides Huawei Cloud privacy protection experience and practices and describes how we help you meet Vietnam privacy compliance requirements.

Huawei Cloud is committed to building secure and trusted cloud services. The infrastructure and services provided by Huawei Cloud have been assessed by authoritative, independent, third-party agencies and reviewed by the relevant certifying bodies.

Huawei Cloud is compliant with a wide range of international standards and practices, including:

• Security standards: ISO 27001, ISO 27017, CSA STAR, PCI DSS, PCI 3DS, ISO 27034, and NIST cyber security framework (CSF), and more

• Privacy standards: ISO 27018, ISO 27701, BS 10012, ISO 29151, and ISO 27799

• Other standards: ISO 22301 (for business continuity management), ISO/IEC 20000 (for IT service management),TL 9000 and ISO 9001 (for quality management), SOC 1, SOC 2, and SOC 3(for audit)

Learn more from Compliance Certificates in the Compliance Center.