Google Cloud has been designated as a Critical Third Party to the UK financial sector, bringing the cloud provider under direct regulatory oversight by the Bank of England, the Prudential Regulation Authority, and the Financial Conduct Authority from July 13, 2026. The designation, announced by HM Treasury on July 10, marks a significant regulatory milestone that reflects the growing systemic importance of cloud services to the stability of British financial institutions.
The Critical Third Party regime, established through the Financial Services and Markets Act 2023, empowers UK financial regulators to oversee service providers whose disruption could affect multiple financial firms at once. Google Cloud EMEA Limited, Microsoft Ireland Operations Limited, Amazon Web Services EMEA SARL, and Oracle Corporation UK Limited are the four initial providers to receive the designation.
Under the new oversight framework, regulators will gather information, assess resilience, and work with designated providers to address risks to the continuity of critical services. As a CTP, Google Cloud must ensure it has robust arrangements in place to identify, manage, and recover from operational disruption affecting critical services used across the financial sector.
The move reflects the increasing reliance of banks, insurers, and financial market infrastructures on cloud services. As these institutions become more dependent on major cloud suppliers, disruption at a single provider could potentially cascade across the system, impacting services millions of people and businesses depend on. Rachel Blake MP, Economic Secretary to the Treasury and City Minister, stated that the designations “will help ensure the critical services financial firms rely on remain resilient, protecting consumers and businesses while supporting growth across the economy.”
Google Cloud’s financial services business has been growing rapidly. Revenue at Google Cloud surged 63% to $20 billion in the first quarter of 2026, significantly exceeding analyst expectations of a 50.1% increase, according to Reuters. Google Cloud now represents 18% of Alphabet’s total revenue, up from 13.6% a year earlier.
A spokesperson for Google Cloud acknowledged the designation, saying the company is “committed to supporting the operational resilience of the UK financial sector by delivering secure, scalable, and resilient services.” The company indicated confidence that “with effective implementation and meaningful industry engagement, this new Critical Third Party framework can enhance the long-term resilience of the UK’s financial ecosystem and increase understanding, transparency, and trust between all parties.”
The regulatory oversight applies only to systemic services provided to the financial sector, not to the firms’ wider operations. HM Treasury takes a risk-based and proportionate approach to designation, ensuring only the most critical third-party providers are brought into the regime. The Treasury indicated that further designations may be made where providers are assessed as meeting the statutory criteria.
Sources
- GOV.UK — Official announcement of Critical Third Party designations, July 10, 2026
- Google Cloud Blog — Company statement on CTP designation and commitment to UK financial sector resilience
- Reuters — UK cloud provider regulation and Google Cloud Q1 2026 revenue growth
- Bank of England — Regulatory oversight framework for Critical Third Parties












