FCA published a statement on its intention to comply with the EBA guidelines on information and communication technology (ICT) and security risk management for credit institutions, investment firms, and payment service providers. The guidelines, which were published in November 2019, enter into force on June 30, 2020. In its statement, FCA also points out that it is in the process of consulting on new requirements to strengthen operational resilience in the financial services sector. FCA expects to publish the final rules on operation resilience in the first quarter of 2021, including providing further information on the links between its operational resilience policy and the EBA guidelines.
In March 2020, FCA had extended the comment period for its consultation (CP19/32) on operational resilience until October 01, 2020. Firms and financial market infrastructures are not expected to be required to meet requirements resulting from this consultation before the end of 2021. While operational resilience remains a top priority for FCA, PRA, and BoE, the later publication date and implementation timetable are intended to alleviate burden on firms and financial market infrastructures in the wake of the COVID-19 outbreak. FCA welcomes feedback from firms to its consultation and their experiences in embedding the requirements of the EBA guidelines.
All credit institutions, investment firms, and payment service providers will be expected to make every effort to comply with the EBA guidelines. Firms should also refer to the EBA "further guidance" on the use of flexibility in relation to COVID-19 and the implementation of the guidelines on ICT and security risk management. Consistent with the EBA "further guidance," FCA will apply reasonable supervisory flexibility when assessing the implementation of the ICT and security management guidelines, given the ongoing COVID-19 crisis.
Effective Date: June 30, 2020
Keywords: Europe, EU, UK, Banking, Securities, Insurance, FMI, COVID-19, Operational Resilience, Cyber Risk, CP 19/32, PRA, BoE, FCA
Leading economist; commercial real estate; performance forecasting, econometric infrastructure; data modeling; credit risk modeling; portfolio assessment; custom commercial real estate analysis; thought leader.
Previous ArticleJFSA Defers Final Two Phases of Margin Rules for OTC Derivatives
The Board of Governors of the Federal Reserve System (FED) published the final rule that amends Regulation I to reduce the quarterly reporting burden for member banks by automating the application process for adjusting their subscriptions to the Federal Reserve Bank capital stock, except in the context of mergers.
The European Banking Authority (EBA) published its assessment of risks through the quarterly Risk Dashboard and the results of the Autumn edition of the Risk Assessment Questionnaire (RAQ).
The Hong Kong Monetary Authority (HKMA) published a circular, along with the reporting form and instructions, for self-assessment, by authorized institutions, of compliance with the Code of Banking Practice 2021.
The Financial Conduct Authority (FCA) decided to register European DataWarehouse Ltd and SecRep Limited as securitization repositories under the UK Securitization Regulation, with effect from January 17, 2022.
The European Commission (EC) published the Delegated Regulation 2022/25, which supplements the Investment Firms Regulation (IFR or Regulation 2019/2033) with respect to the regulatory technical standards specifying the methods for measuring the K-factors referred to in Article 15 of the IFR.
The Bank of International Settlements (BIS) published a paper that assesses the ways in which platform-based business models can affect financial inclusion, competition, financial stability and consumer protection.
The European Supervisory Authorities (ESAs) published the list of identified financial conglomerates for 2021.
The Australian Prudential Regulation Authority (APRA) updated the list of authorized deposit-taking institutions, granting license to Barclays Bank PLC and Crédit Agricole Corporate and Investment Bank to operate as foreign authorized deposit-taking institutions under the Banking Act 1959.
EU published, in the Official Journal of the European Union, a corrigendum to the Delegated Regulation 2015/35, which supplements Solvency II Directive (2009/138/EC).
The European Banking Authority (EBA) published an Opinion on the scale and impact of de-risking in European Union and the steps that competent authorities should take to tackle unwarranted de-risking.