By Jonathan Shiery, Hoan Wagner
Regulatory agencies across Europe, Asia, and Australia have issued guidelines on Operational Resilience with implementation dates between 2023 and 2025. Spearheaded by renowned institutions such as the Financial Conduct Authority, Central Bank of Ireland, Hong Kong Monetary Authority, Monetary Authority of Singapore, and Australian Prudential Regulation Authority, these guidelines emphasize the need for companies to prioritize critical business services during disruptions.
The objective is to identify critical business services and their points of failure, and devise recovery strategies that prevent intolerable harm to customers, firms, and the market.
Notably, the European Union introduced the Digital Operational Resiliency Act in December 2022, further underscoring the importance of operational resilience. Canada's Office of the Superintendent of Financial Institutions is also expected to align its operational risk guidelines with global standards in 2023.
These regulatory efforts are expected to align with Basel's Principles for Operational Resilience, a widely recognized framework published in March 2021.
This concerted global effort paves the way for businesses to navigate uncertainties, gain stakeholder trust, and thrive in a rapidly evolving landscape.
Resiliency executives now have a unique opportunity to lead transformative changes, ensuring the future resilience of their organizations. The era of operational resilience has arrived, demanding their expertise and unwavering commitment.
Global regulators are aligning on operational resilience, introducing a customer and market-centric business service view of resiliency that integrates the traditionally siloed foundations of resiliency (e.g., enterprise risk management, business continuity, crisis and incident management, and disaster recovery).
Regulations emphasize the board of directors' responsibility in owning firms' operational resilience programs through oversight, integrating resilience into strategic decision-making, and prioritizing investments to enhance the resilience of critical services.
Prioritize Critical Business Services
Map assets and vulnerabilities
Foster Integration and Interoperability
This customer-centric approach, supported by regulatory guidance, empowers executives to make informed decisions, prioritize investments, and safeguard critical business services, thereby strengthening the organization’s ability to withstand disruptions and thrive in an ever-changing landscape.
Operational resilience has become a top priority for global regulators, signaling a shift toward a customer-centric approach. Rather than focusing solely on business continuity and incident management, the emphasis is now on ensuring the resilience of critical business services and their impact on the market.
For executives, this regulatory shift carries important implications:
As global regulators continue to prioritize operational resilience in the financial sector, it’s crucial for organizations to develop or enhance their programs to comply with regulations and unlock the value of a robust framework. However, this process can be complex and challenging.
Guidehouse is here to support you on this journey. Our expertise lies in partnering with banks and fintechs to build and refine operational resilience programs. Whether you have questions or need assistance in any of the following areas, we are ready to help:
Don’t navigate the complexities of operational resilience alone. Contact Guidehouse today for expert guidance and support. Together, we can ensure your organization is well-prepared, compliant, and resilient in the face of disruptions.
This article is co-authored by Dana Caldwell and Luis Tamara.
Complexity demands a trusted guide with the unique expertise and cross-sector versatility to deliver unwavering success. We work with organizations across regulated commercial and public sectors to catalyze transformation and pioneer new directions for the future.