Security breaches involving cloud computing services highlight the importance of sound security controls and management’s understanding of the shared responsibilities between cloud service providers and their financial institution clients, federal regulators said.

Through the Federal Financial Institutions Examination Council, the agencies said management should not assume that effective security and resilience controls exist simply because technology systems are operating in a cloud computing environment.