Best Practice Guide
The timeline of operational resilience proposals
More than a decade after the financial crisis of the late 2000s, operational resilience – the ability of firms and the financial sector as a whole to prevent, adapt, respond to, recover, and learn from operational disruptions – remains a key concern of central bankers and other prudential regulators. These stakeholders, of course, were already responsible for erecting a post-crisis regulatory infrastructure intended to bolster the stability of financial markets; so, one might ask, from where do their new resilience concerns issue?
It appears the interest in operational resilience, above and beyond levels demanded by existing regulation, is a product of the new risk picture, characterized by hostile cyber environment, technical innovation, increased system complexity, changing mobile behaviors, etc. Indeed, the working assumption of regulators is that as new risk triggers accumulate (see more below), disruption becomes more likely to occur at some point in the future. And that disruption, come as it will from newer risk factors, will not only prevent firms and FMIs (financial market infrastructures) from operating as usual but might also pose grave peril to the broader financial system.
So, given the changes to the industry-wide risk picture, regulators haven’t been quiet. In recent years, they have taken initial steps to collate pragmatic business continuity, operational resilience, and operational risk management best practices as well as build on existing regulation, all with the end-goal of mandating an industry-wide approach to operational resilience. In the U.K., specifically, the Bank of England (BoE), Prudential Regulatory Authority (PRA), and Financial Conduct Authority (FCA) put out a joint discussion paper, 2018’s “Building the UK financial sector’s operational resilience,” intended to jump-start a dialogue with the financial industry.
Download the full guide to continue reading >>