Section one: Contracting authority
one.1) Name and addresses
Financial Conduct Authority
12 Endeavour Square
London
E20 1JN
Contact
FCA Procurement
Telephone
+48 00116768
Country
United Kingdom
NUTS code
UK - United Kingdom
National registration number
01920623
Internet address(es)
Main address
Buyer's address
one.3) Communication
Additional information can be obtained from the above-mentioned address
Electronic communication requires the use of tools and devices that are not generally available. Unrestricted and full direct access to these tools and devices is possible, free of charge, at
https://atamis-fca.my.site.com/s/Welcome
one.4) Type of the contracting authority
Other type
Financial Regulator
one.5) Main activity
Other activity
Regulates financial services firms and Financial markets in the UK
Section two: Object
two.1) Scope of the procurement
two.1.1) Title
FCA Public Keys Infrastructure (PKI) as a Service
Reference number
C2418
two.1.2) Main CPV code
- 72212732 - Data security software development services
two.1.3) Type of contract
Services
two.1.4) Short description
The FCA regulates financial services firms and financial markets in the UK. The FCA is responsible for ensuring that financial markets work well, so that consumers get a fair deal.
The FCA’s strategic objective is to ensure that relevant markets function well and has three operational objectives:
to protect consumers
to protect financial markets
to promote competition
The FCA Head Office is based in London, but we also work across the UK, from our offices in Leeds and Edinburgh and via colleagues in Belfast and Cardiff.
The scope of the upcoming tender is to procure a Managed PKI solution and service to implement into the FCA to deliver a full end to end PKI solution.
two.1.5) Estimated total value
Value excluding VAT: £2,200,000
two.1.6) Information about lots
This contract is divided into lots: No
two.2) Description
two.2.2) Additional CPV code(s)
- 72212732 - Data security software development services
- 72000000 - IT services: consulting, software development, Internet and support
two.2.3) Place of performance
NUTS codes
- UK - United Kingdom
two.2.4) Description of the procurement
The existing FCA PKI service utilises multiple processes and manual intervention making the process slow and inefficient. A robust PKI service is crucial for maintaining trust, security, and privacy in digital communications by effectively managing cryptographic keys and certificates.
The FCA is seeking to procure a Public Key Infrastructure as a service (PKIaaS) solution to provide central key and certificate management across the FCA estate as well as to support end user devices and TLS. There is a requirement to establish ownership for the PKI service to increase transparency and provide accountability. The introduction of a PKIaaS will enable the FCA to move away from a localised PKI. There will be a requirement to rollout a cloud-based PKIaaS with integrated lifecycle management with a dedicated offline root Certificate Authority (CA) with certificate issuing capability. The certificates for public-facing websites will be integrated with PKIaaS and processes for automated certificate management developed. The solution must support integration with Intune, AzureAD Single Sign On, and FCA PAM solution.
two.2.14) Additional information
Open procedure will be utilised. The resulting contract from the upcoming tender will be for a 3year term valued at circa £730k per annum
two.3) Estimated date of publication of contract notice
30 April 2024
Section four. Procedure
four.1) Description
four.1.8) Information about the Government Procurement Agreement (GPA)
The procurement is covered by the Government Procurement Agreement: Yes
Section six. Complementary information
six.3) Additional information
The contracting authority considers that this upcoming opportunity may be suitable for economic operators that are small or medium enterprises (SMEs). However, any selection of tenderers will be based solely on the criteria set out for the procurement.