On 10 July 2026, HM Treasury (HMT) announced that four major global cloud services and technology providers will be designated as Critical Third Parties (CTPs) from 13 July 2026.
The Critical Third Parties (Designation) Regulations 2026 have also been made which designate the four entities as CTPs.
The CTPs regime was established through the Financial Services and Markets Act 2023 to strengthen the operational resilience of the UK financial system. HMT makes designation decisions following consultation with third parties, the Bank of England, Prudential Regulation Authority (PRA) and Financial Conduct Authority (FCA). The regulators have made rules that set the outcomes that they expect from designated CTPs (see PRA Policy Statement 16/24 and FCA Policy Statement 24/16). Such CTPs must identify and manage risks to the systemic services they provide, and maintain open, timely communication with regulators and the firms that rely on them, particularly during major incidents.