FSI published a brief that examines the operational resilience initiatives of financial-sector authorities, in response to the COVID-19 outbreak. The brief focuses on examples of business continuity guidance issued by authorities in response to COVID-19, including updates to the existing guidance and the incorporation of pandemic scenarios into testing operational resilience. The brief emphasizes that pandemics may have unique elements that financial institutions need to incorporate in the scenarios to test their operational resilience.
Supervisory discussions at the international level have recently shifted toward achieving operational resilience more broadly. BoE is the first national authority to have issued a consultation on its operational resilience expectations. BoE defines operational resilience as the ability of firms and the financial sector to prevent, adapt, respond to, recover from, and learn from operational disruptions. The objective of addressing operational resilience of financial institutions to IT outages and cyber attacks has clearly motivated the BoE consultation as well as the international supervisory discussions. However, as seen in the disruption that COVID-19 outbreak has caused in recent weeks, financial institutions need to review and ensure that their operational resilience procedures are also fit for purpose during pandemics.
As shown by the recent spate of supervisory guidance in relation to the COVID-19 outbreak, pandemics may have unique elements that financial institutions need to incorporate in the scenarios to test their operational resilience. International efforts to come up with operational resilience standards should take into account these unique elements, including the following:
- Critical or essential employees—It is important to identify the critical functions and employees who support important business services as well as to ensure employee safety. Financial institutions should ensure that employees can safely resume their duties (remotely, if necessary) so that business services can recover as quickly as possible.
- IT infrastructure—Financial institutions should ensure that their IT infrastructure can support a sharp increase in usage and take steps to safeguard information security.
- Third-party service providers—Financial institutions should ensure that their external service providers and/or critical suppliers are taking adequate measures and are sufficiently prepared for a scenario in which there will be heavy reliance on their services.
- Cyber resilience—Financial institutions’ cyber resilience processes should remain vigilant to identify and protect vulnerable systems. These processes should be able to detect and respond to cyber attacks and help an institution recover from them.
Keywords: International, Banking, Insurance, Securities, COVID-19, Business Continuity, Operational Risk, Cyber Risk, Third-Party Arrangements, Operational Resilience, BoE, BIS, FSI
Leading economist; commercial real estate; performance forecasting, econometric infrastructure; data modeling; credit risk modeling; portfolio assessment; custom commercial real estate analysis; thought leader.
ECB finalized the guide on assessment methodology for the internal model method for calculating exposure to counterparty credit risk (CCR) and the advanced method for own funds requirements for credit valuation adjustment (A-CVA) risk.
EBA published an Opinion addressed to EC to raise awareness about the opportunity to clarify certain issues related to the definition of credit institution in the upcoming review of the Capital Requirements Directive and Regulation (CRD and CRR).
APRA is consulting on updates to ARS 210.0, the reporting standard that sets out requirements for provision of information on liquidity and funding of an authorized deposit-taking institution.
FED released hypothetical scenarios for a second round of stress tests for banks.
PRA published updates in relation to the 2021 Supervisory Benchmarking Portfolio exercise.
FED adopted a proposal to extend for three years, with revision, the capital assessments and stress testing reports (FR Y-14A/Q/M; OMB No. 7100-0341).
HKMA revised the Supervisory Policy Manual module CR-G-14 on margin and other risk mitigation standards for non-centrally cleared over-the-counter (OTC) derivatives transactions.
EBA issued a revised list of validation rules with respect to the implementing technical standards on supervisory reporting.
EBA published its response to the call for advice of EC on ways to strengthen the EU legal framework on anti-money laundering and countering the financing of terrorism (AML/CFT).
NGFS published a paper on the overview of environmental risk analysis by financial institutions and an occasional paper on the case studies on environmental risk analysis methodologies.