Contact us
Blog
/
Linkedin Youtube

What is operational resilience?

With the introduction of the new regulations, we look at what operational resilience is, and what it means for organisations.

2022-04-01With the introduction of new regulations governing operational resilience within the UK financial services sector, we take a closer look at what operational resilience is, why the regulations have been implemented, and how digital tools can help. We also consider the impact they will have on organisations around the globe.

What is operational resilience?

The Bank of England describes operational resilience as ‘the ability to prevent, adapt, respond to, recover and learn from operational disruptions’ in a paper issued jointly with the Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA).

The foundations for the regulation were laid in 2018, when the Discussion Paper ‘Building the UK Financial Sector’s Operational Resilience’ was published as a response to the understanding that ‘a lack of operational resilience represents a threat to each of the supervisory authorities’ objectives, as well as to their shared goal of maintaining financial stability.’

Why have operational resilience regulations been implemented?

With the implementation of the new regulation, the focus has shifted somewhat from business continuity management and incident management approaches, which deal with the resilience of an actor, to the important business services being offered. For organisations, this means identifying their important business services and mapping how disruption may have an impact, beyond their own commercial interests. The aim of this is to limit the effect on financial markets, the economy, and the consumers (retail and wholesale) of these services.

Who is impacted by the new regulations?

The three bodies – PRA, FCA, and The Bank of England– have combined responsibility for governing virtually all registered actors within the UK financial service sector. Accordingly, the following will be impacted by the new Operational Resilience regulations:

  • Banks and building societies
  • Insurers
  • Credit unions
  • PRA regulated investment firms
  • FCA authorised and recognised entities
  • Recognised payment systems
  • Specified service providers
  • Central securities depositories and central counterparties
  • Overseas UK deposit takers with PRA regulated activity permissions

Want to learn more?

Discover how you can build, verify and track your organisational resilience with our training and exercise services and Exonaut® software solutions.

Beyond the financial industry

Although currently limited to the financial industry with operations in the UK, we believe that these regulations will have an impact on the industry globally and may trickle down into other highly regulated industries where the loss of services will have a significant impact on society. The need to be operationally resilient will be accelerated when we move beyond the pandemic, and organisations have fully assessed their response to COVID-19. As an organisation, it will become imperative to have a holistic overview of capabilities that goes beyond business continuity management and crisis management to include the full spectrum of operations moving forward.

What are the business areas of operational resilience?

There are a multitude of operational areas that contribute to an organisation’s ability to deliver important business services. Analysing resilience maturity within these will be key to an effective operational resilience programme. The operational areas include but are not limited to:

Operational resilience steps

As mentioned earlier, the first step in any operational resilience program is identifying important business services. With that completed, important business services tolerances – thresholds for maximum tolerable disruption to help achieve consumer protection and market integrity – are defined and set. This includes mapping support dependencies, i.e., identifying and documenting the people, processes, technology, facilities and information that support important business services. Severe but plausible disruption scenario testing of the dependencies is then carried out to check their ability to remain within the impact tolerances. Following this, lessons learned exercises are performed to identify, prioritise, and invest in the dependencies’ ability to respond and recover from disruptions as effectively as possible. Internal and external communications plans are developed throughout the process for when important business services are disrupted.

The best way to do this is with a digital tool that enables you to document and manage the entire process in a constant proactive cycle of improvement.

Which digital tool should be used for operational resilience?

As operational resilience lies within an ecosystem that includes riskincident/crisis and business continuity management, as well as compliance, it’s important to have a tool that supports this. When defining, analysing and developing tolerances and dependencies within important business services and areas, being able to consolidate all the data will simplify the process, provide full transparency, facilitate better collaboration and deliver results faster.

The Exonaut Operational Resilience solution is produced in response to this market requirement. As part of an entire Exonaut readiness management software suite, it is used by a global client base within highly regulated industries and the public sector. Features include:

  • Operational resilience dashboards
  • Task management timelines
  • Dependency mapping
  • Resilience Toolkit
  • Automated reporting
  • iOS and Android apps

Read more about our Exonaut Operational Resilience solution.

No matter if you are faced with meeting regulations in the near future, wish to improve your organisational resilience to safeguard operations moving forward, and/or return to business as usual (BAU) state following the COVID-19 pandemic, we can support you.

4C Strategies is a leading provider of organisational readiness and military training management solutions through our Exonaut® software and advisory services. Founded in 2000, 4C Strategies today serves military, public and private clients in more than 70 countries around the globe. We combine the power of digital innovation with industry expertise to build a safer society.

Related articles

Resilience Software
See all Resilience products
Defence Software
See all Exonaut products
Advisory Services
See all Advisory Services

Subscribe to our newsletter to receive our latest updates

Linkedin Youtube

Copyright 2025 © 4C Strategies

Back
Products
Consultancy
Sectors
Resources
About
Resilience Software
Resilience Platform
Continuity Manager

Continuity management software

Risk Manager

Risk management software

Incident Manager

Incident & Crisis management software

Exercise Manager

Exercise management software

Defence Software
Exonaut Defence Platform
Planning & Programming
Collective Training & Exercise Management
Wargame & Simulation Management
Special Forces Selection
Training Measurement & Evaluation
Trials & Experimentation Management
Lessons Management
Unit Training Management
Deterrence Reporting
Interoperability Reporting Management
Additional info
Onboarding
Information Security
Release notes
Support Portal
Analyst reviews
Risk Management
Continuity Management
Training & Exercise Management
Incident & Crisis Management
Climate Risk & Resilience
IT Continuity & Cyber Security
By Sector
Emergency Services
Energy & Utilities
Financial Services
IT & Telecom
Manufacturing
Military & Defence
Public Safety
Transportation & Aviation
Latest from our blog
New UK Policy for Oversight of Critical Third Parties (CTPs) in the Financial Sector
Power of Exercising: Optimize Evaluation for Crisis Management & Emergency Response Teams
Transforming Military Training with AI
See all news articles
Recent Case Studies
Scheduling & Management of Training Participants in Royal Navy’s Exercise Strike Warrior 24 
Crisis communication for London Luton Airport
Transforming incident management & public safety at KTH The Royal Institute of Technology
See all case studies
Events
See all of our upcoming events
More resources
Guides
Webinars
Video Library
Support Portal
Release notes
About us
Work at 4C
Press & Media
Contact us
Investor relations
Sustainability
Quality Management
Information security
Contact us

Sign up now

Sign up for a Resilience Health Check