FSI published a brief that examines the operational resilience initiatives of financial-sector authorities, in response to the COVID-19 outbreak. The brief focuses on examples of business continuity guidance issued by authorities in response to COVID-19, including updates to the existing guidance and the incorporation of pandemic scenarios into testing operational resilience. The brief emphasizes that pandemics may have unique elements that financial institutions need to incorporate in the scenarios to test their operational resilience.
Supervisory discussions at the international level have recently shifted toward achieving operational resilience more broadly. BoE is the first national authority to have issued a consultation on its operational resilience expectations. BoE defines operational resilience as the ability of firms and the financial sector to prevent, adapt, respond to, recover from, and learn from operational disruptions. The objective of addressing operational resilience of financial institutions to IT outages and cyber attacks has clearly motivated the BoE consultation as well as the international supervisory discussions. However, as seen in the disruption that COVID-19 outbreak has caused in recent weeks, financial institutions need to review and ensure that their operational resilience procedures are also fit for purpose during pandemics.
As shown by the recent spate of supervisory guidance in relation to the COVID-19 outbreak, pandemics may have unique elements that financial institutions need to incorporate in the scenarios to test their operational resilience. International efforts to come up with operational resilience standards should take into account these unique elements, including the following:
- Critical or essential employees—It is important to identify the critical functions and employees who support important business services as well as to ensure employee safety. Financial institutions should ensure that employees can safely resume their duties (remotely, if necessary) so that business services can recover as quickly as possible.
- IT infrastructure—Financial institutions should ensure that their IT infrastructure can support a sharp increase in usage and take steps to safeguard information security.
- Third-party service providers—Financial institutions should ensure that their external service providers and/or critical suppliers are taking adequate measures and are sufficiently prepared for a scenario in which there will be heavy reliance on their services.
- Cyber resilience—Financial institutions’ cyber resilience processes should remain vigilant to identify and protect vulnerable systems. These processes should be able to detect and respond to cyber attacks and help an institution recover from them.
Keywords: International, Banking, Insurance, Securities, COVID-19, Business Continuity, Operational Risk, Cyber Risk, Third-Party Arrangements, Operational Resilience, BoE, BIS, FSI
Leading economist; commercial real estate; performance forecasting, econometric infrastructure; data modeling; credit risk modeling; portfolio assessment; custom commercial real estate analysis; thought leader.
The European Banking Authority (EBA) published the final guidelines on the monitoring of the threshold and other procedural aspects on the establishment of intermediate parent undertakings in European Union (EU), as laid down in the Capital Requirements Directive (CRD).
In a recent Market Notice, the Bank of England (BoE) confirmed that green gilts will have equivalent eligibility to existing gilts in its market operations.
The Financial Conduct Authority (FCA) published the policy statement PS21/9 on implementation of the Investment Firms Prudential Regime.
The European Banking Authority (EBA) proposed regulatory technical standards that set out criteria for identifying shadow banking entities for the purpose of reporting large exposures.
The Board of the International Organization of Securities Commissions (IOSCO) proposed a set of recommendations on the environmental, social, and governance (ESG) ratings and data providers.
The European Securities and Markets Authority (ESMA) published recommendations from the Working Group on Euro Risk-Free Rates (RFR) on the switch to risk-free rates in the interdealer market.
The European Commission (EC) announced plans to defer the application of 13 regulatory technical standards under the Sustainable Finance Disclosure Regulation (2019/2088) by six months, from January 01, 2022 to July 01, 2022.
The European Insurance and Occupational Pensions Authority (EIOPA) proposed to amend the supervisory statement on supervision of run-off undertakings that are subject to Solvency II regulation.
The Bank of England (BoE) published a consultation paper on approach to setting minimum requirement for own funds and eligible liabilities (MREL), an operational guide on executing bail-in, and a statement from the Deputy Governor Dave Ramsden.
The European Banking Authority (EBA) is seeking preliminary input on standardization of the proportionality assessment methodology for credit institutions and investment firms.