Interestingly the Australian financial services regulator (APRA) has a requirement that companies have a multi-cloud plan for each of their applications. For example, a 'company critical' application needs to be capable of migrating to a secondary cloud service within 4 weeks.

I'm not sure how common this regulation would be across industries in Australia or whether it's something that is common in other countries as well.

US federal financial regulators and NYDFS have similar concerns and strong opinions, but nothing in statute or regulatory rule making yet (to my knowledge; I haven’t had to sit in those meetings for about 2 years).

I would imagine all of it. The underlying data is going to be on encrypted volumes and I'd expect deleting them would render the data non-recoverable.