However, outsourcing has the potential to transfer risk, management and compliance to third parties who may not be regulated, and who may operate offshore (BIS,2005). EU and US regulators required banks to be fully responsible for their operations, even if certain functions are outsourced (Evans,2005; McCormack,2003). In 2012 US banking giant Wells Fargo was fined $175mil in relation to racial discrimination. The bank did not admit to the racist practices but admit that it did not set sufficiently high standards for those third parties distributing its loan. This case demonstrate the danger of outsourcing to third parties whom, the bank may have limited control over them.
Therefore, it is important to engage with a reliable partner. Banks when decided to outsource their works must ensure that the appointed company is capable to comply with all relevant regulatory requirement for Banks which has been laid down, such as The Financial Services Act 2012, Malaysian Financial Services Act 2013. The Bank must also comply with other legislations in the country that they operate eg Data Protection Act 1998, Malaysian-Personal Data Protection Act 2010, UK-The Computer Misuse Act 1990.