Series 2, Episode 1: Operational resilience at the board room table
May 25, 2021
auto_awesome
In this podcast, the hosts discuss the importance of operational resilience at the boardroom table, including the impact of major events, cyber crime, and people's resilience. They highlight the global priority of operational resilience for regulators and the need for expanded testing regimes and risk-based assessment. The importance of tailor-made operational resilience, governance arrangements, and continuous dialogue with regulators is also explored.
49:48
AI Summary
AI Chapters
Episode notes
auto_awesome
Podcast summary created with Snipd AI
Quick takeaways
Operational resilience is a pressing issue due to increased reliance on technology, third-party relationships, regulatory focus, and the need for collective responses to disruptions.
Challenges and concerns in operational resilience include technology vulnerabilities, outsourcing complexities, regulatory scrutiny, and addressing human aspects like wellness and burnout.
Deep dives
Operational Resilience and Its Importance
Operational resilience is the ability of a firm and the financial services sector as a whole to identify, prepare for, respond to, adapt to, recover from, and learn from operational disruptions. Firms must develop a holistic approach to operational resilience, guided by the idea that it should be flexible and adaptive to different types of disruptions. The pandemic has highlighted the need for operational resilience, as firms have faced challenges and disruptions but managed to come through due to their resilience strategies. However, there are four key reasons why operational resilience is a pressing issue. First, there is an increased reliance on technology, such as fintech and regtech, which presents both opportunities and risks. Second, firms are relying more on third parties for crucial operations, which introduces new risks and challenges in managing those relationships effectively. Third, regulators, including the UK's Prudential Regulatory Authority, Financial Conduct Authority, and Bank of England, are placing a greater focus on operational resilience, making it a regulatory priority. Finally, firms are realizing the need for a collective approach to operational resilience, as they are interconnected and must consider systemic responses to disruptions.
Challenges and Concerns for Operational Resilience
The podcast discusses several challenges and concerns related to operational resilience. One major concern is increasing reliance on technology, including automation, AI, and machine learning, which creates vulnerabilities and risks. The outsourcing of key business processes adds complexities and exposes firms to inexperience in those areas, potentially posing significant risks. Additionally, regulators are scrutinizing operational resilience plans, which may result in fines for non-compliance. Lastly, the pandemic has highlighted the need to address human aspects of operational resilience, such as wellness, stress, and burnout, to ensure the resilience of employees and the overall firm.
Regulators' Actions and Expectations
Regulators around the world are taking action and setting expectations for operational resilience. The Financial Stability Board, for example, has included cyber and operational resilience in its work program. Basel, FCA, PRA, and other regulators have issued principles, guidance, and regulations covering various aspects of operational resilience. The EU has published draft regulations on digital operational resilience, and other countries like the US, Australia, Hong Kong, and Singapore are also implementing their own regulatory initiatives. Regulators emphasize the importance of governance, operational risk management, business continuity planning, third-party management, incident management, and scenario analysis in operational resilience.
Building Operational Resilience Frameworks
To effectively build operational resilience frameworks, firms need to prioritize governance and ensure that operational resilience is led by the board and integrated into the firm's corporate governance. Firms should not be complacent, thinking that the challenges they faced during the pandemic mean they have achieved operational resilience. Continual assessment and analysis are essential to identify and address risks. Firms should also learn from past incidents, industry best practices, and current events to enhance their operational resilience. It is important to recognize that operational resilience is not a one-size-fits-all approach, as it must be tailored to each firm's specific business and risks.
Welcome to the first episode of series 2 of Thomson Reuters Regulatory Intelligence’s Compliance Clarified podcast. For the second series we have an overarching theme of threats and particularly external ones – so there will be a recurring focus assessing what compliance functions need to consider which could impact their firm and the required good customer outcomes. In this episode Susannah Hammond is joined by Mike Cowan and Rachel Wolcott to discuss operational resilience, specifically operational resilience at the board room table, why this is an issue now, what the regulators have done and then also what firms need to consider.
Below are the links mentioned in the podcast together with an article by Rachel:
Speech by Lyndon Nelson, Deputy CEO & Executive Director, Regulatory Operations and Supervisory Risk Specialists at the U.K. Prudential Regulation Authority, entitled ”Operational resilience – outcomes in practice” https://www.bankofengland.co.uk/speech/2021/may/lyndon-nelson-uk-finance-webinar-building-operational-resilience
Central Bank of Ireland consultation paper 140 on Cross Industry Guidance on Operational Resilience https://www.centralbank.ie/docs/default-source/publications/consultation-papers/cp140/cp140---cross-industry-guidance-on-operational-resilience.pdf?sfvrsn=5 ). Responses by July, 9 2021.
U.K. Financial Conduct Authority Insights from the 2020 Cyber Coordination Groups https://www.fca.org.uk/publications/research/insights-cyber-coordination-groups-2020
Article on UK banks showing more operational resilience understanding https://www.linkedin.com/feed/update/urn:li:activity:6800392346098794496/
Further information on Thomson Reuters Regulatory Intelligence can be found here - https://legal.thomsonreuters.com/en/products/regulatory-intelligence
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
