Read our latest Operational Resilience Smart Paper: Ops Res 2.0 - Upgrading your Operating Model
Latest News: Policy statement, PS21/3 'Building operational resilience published by the FCA 29th March 2021
The SoP clarifies how the PRA’s Operational Resilience policy affects its approach to four key areas of the regulatory framework in particular;
- Operational Risk Management
- Business Continuity Planning
- The Management of Outsourced Relationships
To achieve Operational Resilience, UK regulators have outlined stipulations. TORI can assist you navigating these requirements. Specifically;
- Identifying your important/critical business services that if disrupted could cause harm to consumers or market integrity
- Identifying, documenting and mapping your people, processes, technology, facilities, third parties and information that support your firms important business services
- Setting impact tolerances for each important business service i.e. thresholds for maximum tolerable disruption
- Testing your ability to remain within impact tolerances through a range of severe but plausible disruption scenarios
- Conducting exercises and lessons learned to identify, prioritise and invest in your ability to respond and recover from disruptions
- Developing internal and external communication plans for when important business services are disrupted
- Creating self-assessment documentation
Regulators are adopting a pragmatic approach and understand that ‘one-size-fits-all’ will not produce the right outcomes. The approach is one of proportionality (size and complexity of the business plus potential systemic risk) and, by way of impact assessment and scenario planning ‘severe but plausible’. In some instances, it will be acceptable and in fact necessary to work outside of risk appetite.
For more questions and answers, specific to your Operational Resilience challenges check out our Q&A page.
How TORI can help…
We have supported clients in-and-around Operational Resilience since the early work by the regulators. In fact, we worked with the regulators to shape their thinking. So, we know exactly what it takes to succeed.
Alongside our traditional consulting services, we offer clients three specific Operational Resilience capabilities to inform and validate.
- Developing an Operational Resilience strategy
Operational Resilience Diagnostic Tool