Operational resilience

Operational Resilience

Operational Resilience has received increased regulatory scrutiny with the release of the joint discussion paper by the Bank of England, Financial Conduct Authority and the Prudential Regulatory Authority in July 2018. A clear statement from the regulators that the continued failure of organisations through neglect or oversight to implement strong Operational Resilience controls was no longer acceptable in light of the evident harm caused to consumers and markets.

The regulators are now close to releasing a final Policy Statement which, once delivered, we expect to set the clock running for firms. Inaction will no longer be an option and we anticipate firms will need to be substantively ’complete’ by the end of this year.

Firms must look at their Operational Resilience and ensure that they take action to minimise the risk of harm to customers arising through interruptions to Important Business Services. The approach will need to consider:

  • Governance framework and controls
  • Identification of ‘Important Business Services’
  • Mapping of business services and vulnerabilities
  • Identification of scenarios and scenario testing
  • Impact tolerance setting and statements
  • Assessment of third-party service providers

It is important that firms recognise the distinction between the regulator’s approach to Operational Risks and other elements of business management. Specifically, the process of building Operational Resilience is not covered by existing plans for:

  • Business continuity planning;
  • Disaster recovery plans;
  • Operational risk frameworks.

Now is the time to begin taking action on your own firm’s Operational Resilience planning, if you have not already started the process.

Kenneth Underhill’s webinar: “An Introduction to Operational Resilience” is available to watch on our YouTube channel. It is the first in a series of webinars on the subject, all available to watch on YouTube.

Operational Resilience – Regulatory Timeline

The joint discussion paper issued by the Bank of England, Financial Conduct Authority and the Prudential Regulatory Authority in July 2018 started the current work on Operational Resilience. Take a look at our expanded regulatory timeline for a full list of key dates, including links to all the main consultation papers, discussion papers and policy statements that have been issued.

Operational Resilience—The ICSR Approach

Operational Resilience will be a living and breathing process requiring continual oversight and change. It will require firms to undertake a considerable project to create and embed the necessary processes. We do not anticipate significant change to current policy guidance and our experience suggests that fully completing a programme of work and embedding Operational Resilience into your operating model will take 6-12 months depending on scope and resources.

There are two resourcing approaches to the work, which can be carried out in stages to assist with client planning:

  • An advice only approach;
  • An advice, support and validation model with design, test and implementation phases for the operational resilience framework, along with the training necessary for the client’s own staff to take responsibility for the ongoing management of the framework.

Our approach will be based on your business models and the outcome of proof of concept testing.

ICSR can provide the resources necessary to support either model, including SMEs, Business Analysts, Programme Managers and IT expertise.

Latest News: Operational Resilience

Our team have produced a number of articles on the subject of Operational Resilience. The most recent are shown below. To see all articles on the subject, please click here to go to our news page.

PRA Business Plan: An Agenda For (International) Growth?

PRA Business Plan: An Agenda For (International) Growth?

The PRA published its business plan earlier in April and as with the FCA, there is unsurprisingly quite a significant focus on how it will deliver its new growth objectives now these are formally in place. As Sam Woods says in the foreword, it will be the first full...

read more
Market Modernisation – Balancing Risk & Readiness

Market Modernisation – Balancing Risk & Readiness

This article was first published by Insurance Day in their Viewpoint section and subsequently also included in their Market Modernisation feature in February 2024. Change is inevitable and our market is constantly managing a whole variety of change programmes, each...

read more

Our Experience

ICSR has already helped a number of firms formulate their approach and undertake the necessary work. We have been able to build a team with unrivalled experience and expertise in Operational Resilience, the methodologies which can be adopted, and the documentation and governance structures required to complete an operating framework.

Case Studies: Operational Resilience

ICSR has carried out a number of assignments helping clients with their Operational Resilience planning. 

Our Operational Resilience Team

Please contact any of the team if you want to discuss your own approach to Operational Resilience.

Kenneth Underhill

Craig Umbleja
Senior Consultant

Yvonne Lancaster

Daniel Mertz

James Doolan

Natasha Pye

Ian Josephs

Many of our Talent Pool members have specific skills and experience relevant to operational resilience. Please use the search box to find people using specific keywords (eg. ‘Operational Resilience’) or by using the categories in the ‘slider’ settings.

Generic filters

Advisory & Resourcing

Pin It on Pinterest