In December 2019 the FCA had consulted in its consultation paper CP19/32 on proposed changes to how firms approach operational resilience. These proposals had been developed together with the Bank of England (BoE) and the Prudential Regulation Authority (PRA) to improve the operational resilience of the UK financial sector.
The FCA implemented the proposals as consulted on and made amendments to reflect the feedback received and set out the feedback and its response in Policy Statement PS 21/3. The FCA, together with the BoE and the PRA, have set out final rules and guidance on new requirements to strengthen operational resilience in the financial services sector. The rules and guidance came into force on 31 March 2022.
This affects the firms in scope of the Policy Statement including:
Firms in-scope must have undertaken by 31 March 2022 the below steps:
Firms must also have identified any vulnerabilities in their operational resilience. As soon as possible after 31st March 2022 but no later than 31st March 2025, the firms must perform mapping and testing so that they are able to remain within their impact tolerances for each important business service. In-scope firms must also have made the necessary investments to enable them to operate consistently within their impact tolerances.
In addition, firms are expected to have established comprehensive communication strategies, both internally and externally, to address operational disruptions swiftly and efficiently and reduce the harm caused. In formulating their external communication approach, firms must have in place mechanisms for issuing crucial alerts or guidance to consumers and other relevant stakeholders, even when a direct communication channel is absent.
Additionally, the firms must compile a self-assessment document that shows how they meet the requirements set by regulators. The document will not need to be submitted to the FCA, but it should be made available on request.
Oversight over this self-assessment document should rest with the board or the firm’s management body, necessitating periodic review and approval.
Complyport’s Operational Resilience Impact Assessment (ORIA) can help firms in-scope by providing the following:
Following this review, our consultants will provide a report that will function as a roadmap, outlining what needs to be completed to ensure compliance with regulatory requirements.
Complyport is uniquely positioned to provide guidance and support to firms that fall under these regulatory obligations and are currently in the midst of navigating the process. We understand that it can be challenging to ascertain whether your current position aligns with compliance requirements, or how best to successfully navigate the rules and guidance for meeting these obligations in the future. We can assist you grasp the necessary thought processes and actionable steps.
In situations where an organisation’s senior executive management is seeking for support to understand the dimensions of operational resilience within the financial services sector, we can offer bespoke training through our associated and accredited training academy the LGCA
Broadly speaking, our accomplished team is equipped to deliver customised support that paves the way for firms to achieve full compliance with their Operational Resilience obligations through targeted project initiatives.
The Regulatory Gateway for Financial Promotions is Here
Navigating KYC Challenges in 2024: Insights from the Q&A Session
Webinar Recording – KYC: Challenges Around KYC and Best Practices for 2024
Navigating the Financial Promotions Gateway Ahead of the FCA Deadline, 7th February 2024
34 Lime Street
London
EC3M 7AT
United Kingdom
+44 (0)20 7399 4980
info@complyport.co.uk
Emirates Financial Towers
South Tower
Level 3, Office 308
DIFC, Dubai
United Arab Emirates
info@ae.complyport.com
2 Diagorou
ERA House
Ground Floor, 1097
Nicosia
Cyprus
info@cy.complyport.com
© Complyport 2024 | All Rights Reserved.