Friday 5 Round-Up: Operational Resilience in Financial Services - Episode 7
Published by Ben Saunders - OpRes Founder
Roughly a 3-minute read
For those in the know, this week marked exactly 6-months until firms must comply with the FCA and PRA’s initial policy requirements for impending operational resilience regulations, by March 2022. There is no doubt that this is a big undertaking for firms and based on the conversations we have been having at OpRes, it feels as though many organisations are starting to wake up to the face that there is a lot of long hours ahead of them, their people and their partners to ensure they can comply with the initial round of regulatory needs.
At OpRes HQ, we are edging ever closer to our initial release. Call us perfectionists! However, we do think it will be worth the wait!
As with the close of every working week, we have rounded up the biggest and most newsworthy operational resilience beats from across the financial services sector! Without further ado, let’s jump straight into the action!
Friday 24th September: Amplified digital interdependencies pressure firms to broaden their operational resilience plans
Granted, this was last week. However, the editorial was published after we went to press with our previous Friday Round-Up! The Financial Director covered the AFME Capital Markets Technology and Innovation conference paying specific focus to a panel that discussed the magnified interdependencies created by the surge in financial services’ digitalisation. The panel included speakers from the European Central Bank, BNY Mellon, and the Bank of England. If third, fourth, and even fifth party dependencies are your thing, then we suggest you check out the coverage!
Sunday 26th September: APRA reprioritises 2021 regulations & policies
Just a few weeks back we published a Friday 5 which discussed APRA’s closing regulatory focus points for 2021. Which very much had operational resilience at the top of their agendas. In light of ongoing Covid-19 struggles across the Australian markets, a series of policy efforts originally scheduled for the 2021 calendar year have been deferred to 2022. This includes standards for operational resilience, new remuneration disclosure requirements, plus reforms around interest rate risk in the banking sector and offshore reinsurance.
Monday 27th September: Build Your Own Game Day to Support Operational Resilience
Published on the 23rd of September, we caught wind of this recent article from AWS which provided a reference architecture for executing scenario testing, or game days, in response to operational resilience policies. Game days are a helpful process to identify team hands-offs, process interactions, and potential optimisations that may be required in service management operational procedures.
We have seen them applied by firms who adopt modern cloud-hosted platforms, specifically underpinned by a Site Reliability Engineering framework. This is something we have spoken about previously on the OpRes website. Credit to AWS for coming up with this model which explains how simulated failure injections can be used to demonstrate instant and graduated performance levels against their cloud-hosted services. We think this is really neat and suggest our readers take a look asap.
Tuesday 28th September: ESMA to focus on supervision, sustainability, digitalisation, and the capital markets union
2022 promises to be a big year for the Digital operational Resilience Act that is currently being worked on by the European Union and it has been confirmed as being a hog agenda for the European Securities Markets Agency (ESMA). In respect of their targets for digitisation and innovation, ESMA plan to “contribute to the implementation of the Digital Operational Resilience Act (DORA), the Markets in Crypto Assets Regulation (MiCA) and the regulation on a pilot regime for market infrastructures based on distributed ledger technology, further our understanding of the impact of financial innovation on capital markets and foster a coordinated approach, and work with NCAs and market participants to counter cyber threats and other operational risks”. You can read the full news release here.
Wednesday 29th September: Cloud Is on the Rise in Financial Services and Regulators Are Taking Note
This is something we have commented on at length in the last few months and it seems that others are also now starting to identify the challenges firms face from regulators. Namely, FinTechs disrupting established players. Established players turning to the cloud to transform, launch new services, and become more reliable for their customers! Regulators growing concerned about the increasing concentration of critical banking systems residing in the cloud! This editorial over at the Banking Journal does a good job of covering the key topics that we have discussed recently.
Wednesday 29th September: General insurers lag behind reinsurers and investment managers in operational resilience readiness
If you are a general insurance firm, then stop reading now! According to research conducted by Oric International and Sicsic Advisory, general insurers are lagging behind reinsurers and investment managers in their preparation for operational resilience rules that come into force in March 2022. The survey of 44 general insurers, reinsurers, life insurers, and investment managers conducted in June found that on average firms rated their readiness for the new rules at 7 out of 10.
The blog is over at postonline.co.uk. You’ll have to give away your email for a free trial to read the full editorial. So we have posted some key data points for you below:
Of the 44 survey respondents, 13 had already had definitions and mappings of important business services signed off by their boards.
Among general insurers, the median number of important business services identified was 10, though the number identified by individual firms ranged from three to 18.
They also identified a list of 10 common important business services shortlisted general insurers. They are:
1) Claims payments: 14
2) First notification of loss: 13
3) Claims handling: 11
4) Quotations and new business: 11
5) Mid-term adjustments: 10
6) Complaints: 9
7) Renewals: 8 =
8) Claims emergency: 6
9) Claims repairs/replace: 6
10) Issue policy documents: 6
Thursday 30th September: Big tech regulation: what is going on?
Big tech and financial services have been big news recently. We’ve spoken at length regarding the changing posture of E.U. and U.S based regulators. However, it seems as though even Chinese regulators are now starting to tighten their grip in this space. BIS has published some new commentary on this domain, covering 5 key areas: competition, data, business conduct, operational resilience and financial stability.
Thanks for reading!
That’s it for this week’s round-up.
Thanks for reading and if you want to have Operational Resilience news beats sent directly to your mailbox, then feel free to register your details via our online form.
Have a great weekend!
Ben