The document discusses regulatory requirements for outsourcing critical or important operational functions. It states that firms must take reasonable steps to avoid additional operational risk when outsourcing critical functions and must not outsource in a way that impairs internal controls or regulators' ability to monitor compliance. It also provides detailed rules on governance, oversight, contingency planning, and information sharing requirements for outsourcing.