In this world of disruptive events, evolving cyberthreats, and agile competitors, operational resilience is vital for financial institutions to deliver robust digital services to their customers. It should come as no surprise that, although regulators’ new rules on operational resilience only came into force earlier this year, forward-thinking organisations stole a march on their competitors by starting to address resilience requirements long before they were published.
Achieving resilience is an ongoing journey, one that’s more than just complying with new regulations. Take the global pandemic, for example, which truly put firms’ resilience plans to the test. Recent events in Ukraine have further compounded the need for your firm to define a resilience programme that goes beyond just a box-ticking exercise, to positively impact the business and the community it serves.
During the 9th Annual Operational Resilience Summit for Financial Services, I took part in a keynote panel discussion with the heads of risk and resilience from major banks, to explore these trends and define best practices for success.
Managing third-party risk
While firms are experiencing increased scrutiny over operational resilience from regulators, some have already made progress as part of their digital transformation programmes. In other words, regulations are encouraging firms to break down siloes and build an interconnected digital ecosystem, something that they’re already driven to do as clients demand higher levels of service.
When firms are dealing with sprawling third party and supplier networks, building an interconnected digital ecosystem is no small task. Not only is this a connectivity challenge, but this same third-party network is seen as one of the biggest risks in financial services today, impacting operational resilience and Environmental, Social, and Governance (ESG). After all, a chain is only as strong as its weakest link. As most of a bank’s carbon is emitted by its supplier network, firms need a resilient operating model that enables them to confidently say when they’re going carbon neutral, build lasting loyalty, and act with integrity.
To achieve the desired success, firms are looking for technology partners to not only support their digital transformation journey but also to facilitate an integrated business environment. This makes it easy for you to choose the right partner, align ESG values across your third-party network, and then monitor the third-party's activities. Annual assessments are no longer enough. It’s time to connect data sources, complete frequent risk/ESG scoring, and avoid the risk of reputational harm.
Building a real-time view
Firms that focus on technology both as a key enabler and as a risk factor can get ahead in building resilience across their business operations. Accelerating enterprise-wide digitisation and automation means firms can build sophisticated workflows and monitor operational risks continuously in real-time, and therefore coordinate a robust, multi-departmental response to events. When an Important Business Service (IBS) is digitised effectively, including connecting in third parties, it becomes more competitive, more resilient, and delivers sustainability to the community it serves—improving the customer and employee experience.
Despite all this effort, we still see firms falling behind in their efforts to set impact tolerances. And while the Bank of England is expected to engage banks in challenging conversations on operational resilience soon, firms now have to go one step further: justifying how they come to conclusions, and proving that their tolerance level is enough to protect their customer in the face of disruption.
At the Summit, it became clear that a real-time view is vital for achieving and demonstrating operational resilience. Fortunately, it’s not an unattainable goal. Realising it depends on a major data clean-up, resulting in better quality data—something I consider to be the biggest challenge facing the industry in the next decade. Here, acquiring the right technology and tools is a sure first step. This way, institutions can glean dependable information, use it to map, track, and monitor impact tolerances—and ensure lasting resilience.
Connecting your digital ecosystem
Ultimately, operational resilience requires a single, comprehensive view of all activities. But the reality is that most firms still operate numerous point solutions that fail to freely share information. And with upcoming regulations like the Corporate Sustainability Recording Directive (CSRD), firms must soon demonstrate an end-to-end audit trail in their hybrid environments.
The need for collaboration has never been greater. Unifying your technology ecosystem on a single platform enables a coordinated, proactive response to incidents. With a real-time view, you’ll have the power to monitor activities across your entire ecosystem, including your third-party network. This will be a key factor in attracting future investment and building sustainable operations, but it truly forms the bedrock of operational resilience in this unpredictable world. Ultimately your organisation is protecting the community in which is serves.
Discover how your bank can pre-empt the next wave of disruption with key insights in this ebook.
Banking at the speed of risk
The Future of Banking Experiences
Financial Services: Whatever Next?