What is operational resilience and why is it important?
2022-04-01
With the introduction of new regulations governing operational resilience within the UK financial services sector, we take a closer look at what operational resilience is, why the regulations have been implemented, and how digital tools can help. We also consider the impact they will have on organisations around the globe.
The foundations for the regulation were laid in 2018, when the Discussion Paper ‘Building the UK Financial Sector’s Operational Resilience’ was published as a response to the understanding that ‘a lack of operational resilience represents a threat to each of the supervisory authorities’ objectives, as well as to their shared goal of maintaining financial stability.’
Why have operational resilience regulations been implemented?
With the implementation of the new regulation, the focus has shifted somewhat from business continuity management and incident management approaches, which deal with the resilience of an actor, to the important business services being offered. For organisations, this means identifying their important business services and mapping how disruption may have an impact, beyond their own commercial interests. The aim of this is to limit the effect on financial markets, the economy, and the consumers (retail and wholesale) of these services.
Who is impacted by the new regulations?
The three bodies – PRA, FCA, and The Bank of England– have combined responsibility for governing virtually all registered actors within the UK financial service sector. Accordingly, the following will be impacted by the new Operational Resilience regulations:
Banks and building societies
Insurers
Credit unions
PRA regulated investment firms
FCA authorised and recognised entities
Recognised payment systems
Specified service providers
Central securities depositories and central counterparties
Overseas UK deposit takers with PRA regulated activity permissions
Want to learn more?
Discover how you can build, verify and track your organisational resilience with our training and exercise services and Exonaut® software solutions.
Although currently limited to the financial industry with operations in the UK, we believe that these regulations will have an impact on the industry globally and may trickle down into other highly regulated industries where the loss of services will have a significant impact on society. The need to be operationally resilient will be accelerated when we move beyond the pandemic, and organisations have fully assessed their response to COVID-19. As an organisation, it will become imperative to have a holistic overview of capabilities that goes beyond business continuity management and crisis management to include the full spectrum of operations moving forward.
What are the business areas of operational resilience?
There are a multitude of operational areas that contribute to an organisation’s ability to deliver important business services. Analysing resilience maturity within these will be key to an effective operational resilience programme. The operational areas include but are not limited to:
As mentioned earlier, the first step in any operational resilience program is identifying important business services. With that completed, important business services tolerances – thresholds for maximum tolerable disruption to help achieve consumer protection and market integrity – are defined and set. This includes mapping support dependencies, i.e., identifying and documenting the people, processes, technology, facilities and information that support important business services. Severe but plausible disruption scenario testing of the dependencies is then carried out to check their ability to remain within the impact tolerances. Following this, lessons learned exercises are performed to identify, prioritise, and invest in the dependencies’ ability to respond and recover from disruptions as effectively as possible. Internal and external communications plans are developed throughout the process for when important business services are disrupted.
The best way to do this is with a digital tool that enables you to document and manage the entire process in a constant proactive cycle of improvement.
Which digital tool should be used for operational resilience?
As operational resilience lies within an ecosystem that includes risk, incident/crisis and business continuity management, as well as compliance, it’s important to have a tool that supports this. When defining, analysing and developing tolerances and dependencies within important business services and areas, being able to consolidate all the data will simplify the process, provide full transparency, facilitate better collaboration and deliver results faster.
The Exonaut Operational Resilience solution is produced in response to this market requirement. As part of an entire Exonaut readiness management software suite, it is used by a global client base within highly regulated industries and the public sector. Features include:
No matter if you are faced with meeting regulations in the near future, wish to improve your organisational resilience to safeguard operations moving forward, and/or return to business as usual (BAU) state following the COVID-19 pandemic, we can support you.
4C Strategies is a leading provider of organisational readiness and military training management solutions through our Exonaut® software and advisory services. Founded in 2000, 4C Strategies today serves military, public and private clients in more than 70 countries around the globe. We combine the power of digital innovation with industry expertise to build a safer society.
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Strictly Necessary Cookies
Strictly Necessary Cookies are needed for correct functionality of the site.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
Marketing Cookies
This website uses Google Analytics, LeadFeeder and MixPanel to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Please enable Strictly Necessary Cookies first so that we can save your preferences!