OSFI issued a letter to the federally regulated financial institutions seeking their views on certain aspects of its approach to the operational risk and resilience framework. One aspect OSFI is seeking views on is how it can position its perspective on operational risk and resilience within its principles-based guidance framework (including Guideline E-21). Views are also being sought on ways to address connections to related risks within the OSFI approach to operational risk management and operational resilience; the related risks include technology and cyber risks; third-party risk; model risk; and culture, compliance, and reputational risks. Stakeholders can submit comments until September 10, 2021.
BCBS published guidance in March 2021 on operational risk and resilience and OSFI, as a BCBS member, had participated in the work that led to the publication of the revised principles for sound management of operational risk and the new principles for operational resilience. OSFI believes that the revisions to the principles for sound management of operational risk strengthen BCBS guidance on operational risk management while the principles of operational resilience introduce the concept of operational resilience. Earlier, on December 15, 2020, OSFI had concluded a consultation process on its September discussion paper titled "Developing financial sector resilience in a digital world," which highlighted certain aspects of operational resilience. OSFI views operational resilience as an important objective of operational risk management and believes that operational resilience encompasses a number of risk management practices and capabilities; these include articulating risk appetite and setting risk tolerances for operational risk; identifying and analyzing critical operations, interconnections, and interdependencies; using scenarios and testing to assess resilience capabilities; and preventing, responding, adapting, recovering and learning from operational disruptions. While the existing Guidelines and Advisories of OSFI cover many of these areas, there are opportunities to strengthen its guidance expectations to enhance operational resilience at financial institutions, including both deposit-taking institutions and insurance companies. As part of implementing any guidance on operational risk and resilience for financial institutions, OSFI will consider whether certain elements of this guidance could also be relevant to federally regulated pension plans.
Keywords: Americas, Canada, Banking, Insurance, Pensions, Operational Risk, Operational Resilience, Guideline E-21, Third Party Risk, Cyber Risk, Model Risk, Technology Risk, OSFI
Previous ArticleFSB Reports on LIBOR Transition, Urges Entities to Take Action
The Central Bank of the Philippines (BSP) issued communications covering developments related to online lending platforms, open finance framework and roadmap, and on the expected regulations in the area sustainable finance.
The Board of Governors of the Federal Reserve System (FED) published the final rule that amends Regulation I to reduce the quarterly reporting burden for member banks by automating the application process for adjusting their subscriptions to the Federal Reserve Bank capital stock, except in the context of mergers.
The European Banking Authority (EBA) published its assessment of risks through the quarterly Risk Dashboard and the results of the Autumn edition of the Risk Assessment Questionnaire (RAQ).
The Malta Financial Services Authority (MFSA) updated the guidelines on supervisory reporting requirements under the reporting framework 3.0.
The Hong Kong Monetary Authority (HKMA) published a circular, along with the reporting form and instructions, for self-assessment, by authorized institutions, of compliance with the Code of Banking Practice 2021.
The Financial Conduct Authority (FCA) decided to register European DataWarehouse Ltd and SecRep Limited as securitization repositories under the UK Securitization Regulation, with effect from January 17, 2022.
The European Commission (EC) published the Delegated Regulation 2022/25, which supplements the Investment Firms Regulation (IFR or Regulation 2019/2033) with respect to the regulatory technical standards specifying the methods for measuring the K-factors referred to in Article 15 of the IFR.
The Bank of International Settlements (BIS) published a paper that assesses the ways in which platform-based business models can affect financial inclusion, competition, financial stability and consumer protection.
The Central Bank of Egypt (CBE) published a circular with instructions on emergency liquidity assistance to banks that are unable to meet their liquidity requirements.
The European Supervisory Authorities (ESAs) published the list of identified financial conglomerates for 2021.