OSFI issued a letter to the federally regulated financial institutions seeking their views on certain aspects of its approach to the operational risk and resilience framework. One aspect OSFI is seeking views on is how it can position its perspective on operational risk and resilience within its principles-based guidance framework (including Guideline E-21). Views are also being sought on ways to address connections to related risks within the OSFI approach to operational risk management and operational resilience; the related risks include technology and cyber risks; third-party risk; model risk; and culture, compliance, and reputational risks. Stakeholders can submit comments until September 10, 2021.
BCBS published guidance in March 2021 on operational risk and resilience and OSFI, as a BCBS member, had participated in the work that led to the publication of the revised principles for sound management of operational risk and the new principles for operational resilience. OSFI believes that the revisions to the principles for sound management of operational risk strengthen BCBS guidance on operational risk management while the principles of operational resilience introduce the concept of operational resilience. Earlier, on December 15, 2020, OSFI had concluded a consultation process on its September discussion paper titled "Developing financial sector resilience in a digital world," which highlighted certain aspects of operational resilience. OSFI views operational resilience as an important objective of operational risk management and believes that operational resilience encompasses a number of risk management practices and capabilities; these include articulating risk appetite and setting risk tolerances for operational risk; identifying and analyzing critical operations, interconnections, and interdependencies; using scenarios and testing to assess resilience capabilities; and preventing, responding, adapting, recovering and learning from operational disruptions. While the existing Guidelines and Advisories of OSFI cover many of these areas, there are opportunities to strengthen its guidance expectations to enhance operational resilience at financial institutions, including both deposit-taking institutions and insurance companies. As part of implementing any guidance on operational risk and resilience for financial institutions, OSFI will consider whether certain elements of this guidance could also be relevant to federally regulated pension plans.
Keywords: Americas, Canada, Banking, Insurance, Pensions, Operational Risk, Operational Resilience, Guideline E-21, Third Party Risk, Cyber Risk, Model Risk, Technology Risk, OSFI
Previous ArticleFSB Reports on LIBOR Transition, Urges Entities to Take Action
The European Commission (EC) announced plans to defer the application of 13 regulatory technical standards under the Sustainable Finance Disclosure Regulation (2019/2088) by six months, from January 01, 2022 to July 01, 2022.
The Bank of England (BoE) published a consultation paper on approach to setting minimum requirement for own funds and eligible liabilities (MREL), an operational guide on executing bail-in, and a statement from the Deputy Governor Dave Ramsden.
The European Banking Authority (EBA) is seeking preliminary input on standardization of the proportionality assessment methodology for credit institutions and investment firms.
Certain regulatory authorities in the US are extending period for completion of the review of certain residential mortgage provisions and for publication of notice disclosing the determination of this review until December 20, 2021.
The Prudential Regulation Authority (PRA) published the policy statement PS18/21, which introduces an amendment in the definition of "higher paid material risk taker" in the Remuneration Part of the PRA Rulebook.
The European Banking Authority (EBA) published its annual report on asset encumbrance in banking sector.
The European Banking Authority (EBA) published a methodological guide to mystery shopping.
The Australian Prudential Regulation Authority (APRA) released a letter to authorized deposit-taking institutions to provide an update on key policy settings for the capital framework reforms, which will come into effect from January 01, 2023.
The Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO) published a report that assesses the business continuity planning activities of financial market infrastructures or FMIs.
The European Securities and Markets Authority (ESMA) has responded to the IFRS consultation on targeted amendments to the IFRS Foundation constitution to accommodate an International Sustainability Standards Board (ISSB) to set IFRS Sustainability Standards.