Complyport - Your Trusted Partner in Governance, Risk, Compliance & Technology
https://complyport.com

Operational Resilience, A Growing Challenge: 4 Aspects Financial Firms May Need to Consider
https://complyport.com/operational-resilience-a-growing-challenge-4-aspects-financial-firms-may-need-to-consider/
Thu, 17 Aug 2023 09:06:43 +0000

As the financial services industry continues to evolve at an unprecedented pace, operational resilience is at the forefront of concerns for UK financial firms and customers alike. The UK Financial Services industry, a cornerstone of the global financial ecosystem, is now grappling with rising threats that could significantly impact firms’ operational resilience frameworks.

Operational resilience goes beyond mere business continuity and disaster recovery. Financial institutions and FMIs must establish strong frameworks to ensure the provision of critical services, regardless of the disruption’s origin. This encompasses human-induced risks like physical and cyber attacks, IT system failures, and third-party supplier failures. Moreover, it encompasses natural threats such as fires, extreme weather, floods, and pandemics.

In this article, we highlight some of the areas FCA-regulated firms may need to consider when implementing frameworks, strategies and culture where it pertains to remaining operationally resilient in the face of threats and mitigating exposure to adverse events.

1. The Importance of Cybersecurity in an Evolving Cyberspace

In an increasingly interconnected world, where technology plays an integral role in nearly every aspect of our lives, the need for robust cybersecurity measures has become paramount. Cybersecurity is not merely a risk to be managed; it is the proactive response and protective action against the dangers lurking within the expansive realm of cyberspace. The term “cyber risks” or “cybercrime” may better capture the essence of the threats that can infiltrate regulated firms and disrupt their operations, compromising sensitive data, financial stability, and even public trust. As the digital landscape continues to evolve and cybercriminals become increasingly sophisticated, understanding the significance of cybersecurity and its role in safeguarding regulated firms has never been more critical.

This is illustrated by the case of LinkedIn’s data breach in 2021, where the professional networking giant saw the data of 700 million of its users compromised by criminals sharing illegally obtained data on the dark web. A hacker used data-scraping techniques by exploiting the site’s API. LinkedIn argued that no sensitive data was obtained. Nevertheless, this was a gross breach of the company’s terms of service. The hacker obtained email addresses, phone numbers, geolocation records, gender, and other social media details, all of which provided malicious actors with enough information to potentially craft convincing follow-on social engineering attacks.

2. Navigating through Global Disruptions

The Covid-19 pandemic unveiled another uncharted territory: operational continuity amidst global disruption, which affected a plethora of industries including the financial services industry. The pervasive effects of the pandemic included freedom of movement being restricted by lockdowns and quarantines, along with infection rates causing a reduction in the available workforce. The abrupt transition to remote working conditions exposed gaps in disaster recovery and business continuity plans. The insights gained from the pandemic, including the realisation of traditional business continuity plans’ shortcomings, ought to be prompting a substantial reconsideration of conventional operational risk management strategies.

3. UK Financial Firms in the Post-Brexit Era: Adapting to Change

Brexit has posed multifaceted challenges to UK financial firms. The withdrawal from the European Union has necessitated the establishment of new operational frameworks to accommodate changes in regulatory requirements, data sharing, and cross-border operations. Firms have had to reevaluate their supply chains, technology systems, and staffing arrangements to ensure continuity in service provision amidst evolving geopolitical and trade dynamics. The increased complexity of navigating distinct regulatory regimes has demanded robust risk management practices and substantial investments in compliance functions. Additionally, the alteration in market access arrangements has led to heightened volatility in trading activities, underscoring the significance of resilient trading platforms and risk monitoring mechanisms. Overall, UK financial firms have confronted the imperative of adapting their operational models to maintain both stability and competitiveness in a post-Brexit landscape.

4. The Supply Chain: Unveiling Third-Party Risks

Modern financial services rely heavily on third-party vendors for technology, data management, and other critical functions. However, these external dependencies can introduce vulnerabilities if not properly managed, from data breaches at the vendor level to the potential for service interruptions.

A notable example of supply chain risk in the financial sector involved a data breach in 2019 at Capital One affecting over 100 million people. A former Amazon Web Services software engineer illegally accessed one of the Amazon Web Services servers storing Capital One’s data and stole 100 million credit card applications dating back to 2005, leaving millions of people vulnerable to criminals. The extent of the compromised data places this incident among the most severe data breaches in the financial services sector.

How can Firms Mitigate Risks?

To mitigate these threats, a proactive, multi-faceted approach is imperative. This includes fostering a strong culture of due diligence, regularly testing and updating disaster recovery plans, vigilantly monitoring regulatory changes, and strengthening vendor risk management.

However, true operational resilience goes beyond risk management. It requires a paradigm shift: viewing resilience not as a regulatory obligation but as an opportunity to drive competitive advantage. In an industry where trust is a key currency, a robust operational resilience strategy can serve as a powerful differentiator.

It’s a challenging landscape, but one ripe with opportunities. As threats to operational resilience continue to mount, UK Financial Services must take the helm, turning adversity into an advantage through anticipation, preparation, and innovative thinking.

How can Complyport Help?

Our Operational Resilience (OR) team specialises in building robust and digitally enabled solutions to strengthen your Operational Resilience capabilities. Our comprehensive range of OR and IT services is designed to support your journey towards Operational Resilience and OR regulatory compliance. Here’s how we can assist you:

  • Operational Resilience Programme Support
    • Initiation and implementation of advanced operational resilience strategies
    • Operational Resilience Impact Assessment to identify potential gaps
    • Expert guidance in defining risk scenarios and optimising continuity strategies
  • Ongoing Operational Resilience Support
    • Ensuring compliance with regulators’ requirements
    • Detailed report as a roadmap to achieve regulatory compliance
    • Health-check and progress assessment for sustainable resilience methodologies
  • Comprehensive IT Audit, IT Audit Report, and Annual IT Audit Plan
    • Address IT challenges
    • Improve IT governance
    • Meet stakeholders’ expectations and compliance and assurance responsibilities in the context of IT
    • Comprehensive auditing of IT systems
    • Audit Report and establish an Annual IT Audit Plan
  • Third Party Risk Management Services
    • Effective management of outsourcing and third-party risk
    • Evaluation of practices against regulatory requirements
    • Remediation assistance
  • Efficient Day-to-day Operational Processes
    • Comprehensive operational process management
  • Operational Resilience Assurance
    • Demonstrating to stakeholders the effectiveness of your operational resilience framework
    • Independent assurance report with a granular view of control effectiveness
  • REP018 Report
    • Risk assessment on operational resilience and information security
    • Analysis of the risk assessment findings

For tailor-made services that align with your company’s needs, get in touch with Complyport. Let us be your trusted partner in achieving operational resilience excellence and meeting regulatory expectations. Contact us today at thomas.salmon@complyport.co.uk

The post Operational Resilience, A Growing Challenge: 4 Aspects Financial Firms May Need to Consider first appeared on Complyport - Your Trusted Partner in Governance, Risk, Compliance & Technology .

Navigating Regulatory Compliance for Payment Service Providers: Becoming a Payment Institution or Electronic Money Institution
https://complyport.com/navigating-regulatory-compliance-for-payment-service-providers-becoming-a-payment-institution-or-electronic-money-institution/
Wed, 09 Aug 2023 13:51:22 +0000

In today’s rapidly evolving financial landscape, Payment Service Providers (PSPs) such as Payment Institutions (PIs) and Electronic Money Institutions (EMIs) have emerged as pivotal players, facilitating seamless and efficient electronic transactions. However, as the financial ecosystem becomes increasingly interconnected and digitalised, regulatory bodies such as the Financial Conduct Authority (FCA) are tightening their grip on the sector to ensure security, stability, and consumer protection. This article delves into the process of applying for FCA registration or authorisation under the Payment Services Regulations (PSRs) or Electronic Money Regulations (EMRs), highlighting the amplified scrutiny from FCA case officers at the ‘gateway’, best practices, and the involvement of senior stakeholders.

Gateway to Approval: Heightened Scrutiny by FCA

The FCA, as the UK’s regulatory authority for financial services, holds the responsibility of maintaining market integrity, protecting consumers and ensuring fair competition. With the exponential growth of the fintech sector, particularly the rise of EMIs and PIs, the FCA has intensified its scrutiny during the application process. PSPs seeking registration or authorisation as EMIs and PIs must align their operational strategies with the legal and regulatory requirements, demonstrating to the FCA their ability to manage their regulated activities with prudence and transparency. This heightened scrutiny is driven by several factors:

  1. Consumer Protection: Given the critical role of PSPs in managing financial transactions, ensuring consumer protection is paramount. The FCA conducts rigorous assessments of an applicant’s operational mechanisms, security measures, and dispute resolution procedures to guarantee that consumers’ interests are safeguarded.
  2. Risk Mitigation: The digital nature of PSP operations makes them vulnerable to cyber threats, fraud, and money laundering. The FCA scrutinises an applicant’s risk management strategies, including anti-money laundering (AML) and know-your-customer (KYC) procedures, to mitigate potential risks to the financial system.
  3. Market Integrity: As PSPs become integral components of the payment ecosystem, maintaining market integrity is crucial. The FCA examines an applicant’s organisational structure, governance framework, and adherence to ethical practices to ensure a level playing field for all participants.

Best Practices for Successful Application

Navigating the registration or authorisation process demands a strategic approach and meticulous adherence to regulatory requirements. Some best practices include:

  1. Robust Compliance Framework: Establish a comprehensive compliance framework that aligns with the regulations and FCA Handbook. This includes providing policies and procedures covering financial crime, safeguarding, IT Security and risk methodology as well as risk assessments, and descriptions of internal controls, including ongoing monitoring mechanisms.
  2. Thorough Documentation: Prepare thorough documentation detailing the organisation’s operational model, governance and risk framework, and consumer protection measures (including complaints handling and Consumer Duty). Clear and concise documentation tailored to the firm’s specific business model showcases the applicant’s commitment to transparency and regulatory compliance.
  3. Expert Personnel: Employ personnel well-versed in regulatory compliance and fintech operations. Demonstrating that a skilled team is in place enhances the FCA’s confidence in the applicant’s ability to navigate complex regulations.

Pillars of the Modern Financial Landscape

The rise of PIs and EMIs has transformed the way we conduct transactions, ushering in a new era of convenience and accessibility. These institutions bridge the gap between traditional banking and the digital world, catering to the growing demand for frictionless financial services. By facilitating peer-to-peer payments, electronic money, e-commerce transactions and international money transfers, PSPs have become a vital component of the modern financial landscape.

Scrutiny of Senior Stakeholders: A Necessity

The involvement of senior stakeholders in the PSP application process serves as a check-and-balance mechanism. Their scrutiny ensures that decision-makers are well-informed about regulatory requirements and operational intricacies. The FCA assesses the suitability of these stakeholders based on their experience, expertise, integrity and commitment to the organisation’s compliance culture.

In conclusion, the journey to becoming registered or authorised by the FCA requires meticulous planning, a robust compliance framework, and a commitment to consumer protection. The heightened scrutiny imposed by the FCA ensures that only entities with the highest standards of operational integrity and regulatory compliance are approved. As the fintech sector continues to evolve, PSPs will play an increasingly pivotal role in shaping the future of payments and financial interactions.

How Can Complyport Help?

The authorisation or registration process can be a challenging and time-consuming endeavour. At Complyport, our team has a wealth of experience in dealing with the regulator and their approach to authorisations. We will leverage this experience to provide the best advice and guidance to you throughout each stage of your application.

We offer a flexible approach to suit your needs, providing a fully project-managed service to review and provide feedback on draft applications prior to submission.

Perhaps your firm is a registered ‘Small PI’ seeking to expand its business scope by becoming a fully authorised PI or EMI or a registered ‘Small EMI’ requiring full authorisation to do higher volumes of business? Maybe you are happy with being either registered or authorised but need to increase or decrease your current scope of activities? Please click here to learn how we can assist you.

We can also support you with other regulatory applications such as variations of payment services and changes in qualifying holdings (control) and legal status. Our fully project-managed service includes:

Pre-Application Consultancy

  • Our team works with you to understand your goals and activities.
  • We listen to your ideas for the future and ensure the correct scope of e-money and/or payment services are applied for.
  • We identify and resolve potentially contentious issues before submission.

Construction of the FCA Application Pack

  • We provide support with drafting or reviewing your regulatory business plan and provide assistance with the preparation of relevant forms.
  • We lend our expertise in supporting the creation of financial projections and key assumptions including our templates.
  • Take advantage of our Template Compliance Monitoring Programme, which, appropriately tailored to your business, will be included in your firm’s application to the FCA.

Post Submission Queries

  • We will assist with post-submission issues or queries raised by the FCA.
  • We will advise on the best approach to take when dealing with the FCA.

Ongoing Support

Many of the firms we help to get authorised go on to take up our ongoing support services to ensure they continue to meet their regulatory requirements. For more information please click here.

Interested in seeing how we can help you in seeking Authorisation?

Contact Thomas Salmon via thomas.salmon@complyport.co.uk to book a free consultation.

The post Navigating Regulatory Compliance for Payment Service Providers: Becoming a Payment Institution or Electronic Money Institution first appeared on Complyport - Your Trusted Partner in Governance, Risk, Compliance & Technology .

Silicon Valley Bank: A case study into how firms should approach operational resilience
https://complyport.com/silicon-valley-bank-a-case-study-into-how-firms-should-approach-operational-resilience/
Wed, 02 Aug 2023 09:36:04 +0000

In the aftermath of the banking failure of Silicon Valley Bank (SVB) in March of 2023, it becomes crucial to delve into the events that preceded the collapse, identifying key factors and drawing valuable insights. This case study focuses on the bank’s failures which triggered one of the most substantial bank failures since the global financial crisis of 2008. By examining the circumstances leading to SVB’s downfall, we can gain a deeper understanding of the risks faced by financial firms today. This case study aims to highlight the importance of applying these learnings and developing robust frameworks that effectively mitigate risks in the banking industry.

Timeline of Events:

SVB was a preferred bank for the tech sector because the organisation supported startup companies that not all banks would accept due to higher risks. With rising inflation rates, SVB’s startup depositors were struggling to get additional financing from venture capital and elsewhere. So, they needed to draw on the deposits they had at SVB.

When interest rates rise, existing bonds paying lower interest rates become less attractive, causing their price to drop below their initial par value in the secondary market.

SVB had invested a large amount of bank deposits in long-term U.S. treasuries and agency mortgage-backed securities. When the tech start-ups and companies started to withdraw their cash, SVB had to find that cash. So, SVB had to sell its low-yield treasury bonds quickly and at a loss to try and meet capital requirements. The result was SVB incurred a huge loss.

There are meant to be safeguards in place where banks are examined and regulated so they don’t engage in highly risky behaviour, such as relying almost exclusively on deposits from companies within a single industry, or not diversifying their investment portfolio. SVB’s collapse highlights the importance of financial management and its necessity, especially within a recessionary environment.

How Firms Should Approach ‘Operational Resilience’:

Operational resilience is defined by the FCA as “the ability of firms, financial market infrastructures and the financial sector as a whole to prevent, adapt and respond to, recover and learn from operational disruption.”

The four major steps of building operational resilience are:

  1. Identifying important business services;
  2. Mapping the resources, people, processes, technology, and facilities necessary to deliver service;
  3. Testing ability to remain within impact tolerance through Scenario Testing, and;
  4. Reviewing Testing and process.

Ensuring the UK financial sector is operationally resilient is important for consumers, firms and financial markets. An operationally resilient financial system is one that can absorb shocks rather than compound them.

Operational disruptions and the unavailability of important business services have the potential to cause wide-reaching harm to consumers and/or risk to market integrity, threaten the viability of firms and cause instability in the financial system.

Covid-19 provided a clear example of the kind of severe but plausible events firms need to consider within their operational resilience framework. The disruption caused by Covid-19 showed why it is crucial for firms to understand the important business services they provide, and to invest in their resilience to protect themselves, consumers and markets.

Strong operational resilience capabilities are especially vital in times of elevated cyber risk, as operational resilience deficiencies may lead to customer data breaches, critical business service disruptions and potential consumer harm.

The Operational Resilience Framework:

In March 2021 the FCA (PS21/3), PRA (PS6/21) and Bank of England (BoE) (collectively known as the Supervisory Authorities) finalised their changes to Operational Resilience regulation. These conclusions were reached after their 2018 discussion paper and 2019 consultation paper, with the new regulations being implemented in March 2022. These Regulations apply to:

  • Banks;
  • Building societies;
  • PRA-designated investment firms;
  • Insurers;
  • Recognised Investment Exchanges;
  • Enhanced scope SM&CR firms, and;
  • Entities authorised and registered under the Payment Services Regulations 2017 or Electronic Money Regulations 2011.

These Regulations also apply to other entities under the PRA’s and BoE’s umbrella.

These new rules are designed to protect consumers, the wider financial sector and UK economy from the impact of operational disruption, such as the Coronavirus pandemic and the recent financial market turbulence.

The proposed requirements and expectations require firms and Financial Market Infrastructures to identify vital services and assess their impact beyond commercial interests. Setting an Impact Tolerance for each service is crucial. They must then ensure continuity within this tolerance during potential disruptions.

FCA Expectations:

The following outlines what the regulator expects firms to have done as soon as practicable after 31 March 2022 and by no later than 31 March 2025:

  • Performed mapping and testing so that they can remain within impact tolerances for each important business service;
  • Made the necessary investments to enable them to operate consistently within their impact tolerance;
  • Conducted “lessons learnt” exercises to identify, prioritise, and invest in their ability to respond and recover from disruptions as effectively as possible;
  • Developed internal and external communication plans for when important business services are disrupted;
  • Prepared self-assessment documentation.

Applying Lessons Learned from the SVB Incident

Steps that may ensure operational resiliency:

  • Regularly monitor third-party financial risks, and diversify – This includes monitoring third parties’ financial health, credit ratings, and liquidity to confirm they have adequate resources to support their operations and manage their debts. Another way to mitigate risks is to spread banking relationships across different banks. By doing so, businesses and banks can avoid having all their funds tied up in a single bank, reducing the impact of potential future bank failures. Of course, that means a careful risk profile of each bank should be carried out.
  • Monitor the compliance attitude of third-party vendors – This is to ensure that they remain compliant with industry-specific and jurisdictional regulations on financial and operational risk management for banks. It includes identifying vendors with a history of non-compliance or ethical issues and, with banks, continuously monitoring them for compliance and compliance-related risks.
  • Thoroughly evaluate third-party vendors’ risk management practices, including internal controls, IT systems, and business continuity plans – Regular assessment and evaluation help identify and mitigate potential operational risks and disruptions to business operations like those in SVB’s case.
  • Closely monitor factors such as third parties’ ESG attitude and adverse media – By regularly monitoring reputational risks and negative news associated with third-party vendors, businesses can minimise the potential impact of third-party risks on their own reputation.
  • Review third parties’ insurance coverage and financial statements for cash flow, and ascertain that cash reserves are sufficient to weather potential disruptions or crises – Cash reserves help ensure businesses have the necessary resources to cover operating costs and meet their financial obligations to vendors, suppliers, and customers, even if they experience a temporary cash flow shortfall.
  • Develop and maintain a business continuity plan – A business continuity plan outlines the steps that the businesses will take in the event of a crisis and minimises the impact on the business’ operations and customers.

How can Complyport Help?

At Complyport, we are your partners in building robust and digitally enabled solutions to strengthen your Operational Resilience capabilities. Our comprehensive range of services is designed to support your journey towards Operational Resilience and regulatory compliance. Here’s how we can assist you:

  • Operational Resilience Programme Support
    • Initiation and implementation of advanced operational resilience strategies
    • Operational Resilience Impact Assessment to identify potential gaps
    • Expert guidance in defining risk scenarios and optimising continuity strategies
  • Ongoing Operational Resilience Support
    • Ensuring compliance with regulators’ requirements
    • Detailed report as a roadmap to achieve regulatory compliance
    • Health-check and progress assessment for sustainable resilience methodologies
  • Third Party Risk Management Services
    • Effective management of outsourcing and third-party risk
    • Evaluation of practices against regulatory requirements
    • Remediation assistance
  • Efficient Day-to-day Operational Processes
    • Comprehensive operational process management
  • Operational Resilience Assurance
    • Demonstrating to stakeholders the effectiveness of your operational resilience framework
    • Independent assurance report with a granular view on control effectiveness

For tailor-made services that align with your company’s needs, get in touch with Complyport. Let us be your trusted partner in achieving operational resilience excellence and meeting regulatory expectations. Contact us today at thomas.salmon@complyport.co.uk

The post Silicon Valley Bank: A case study into how firms should approach operational resilience first appeared on Complyport - Your Trusted Partner in Governance, Risk, Compliance & Technology .

Meeting the FCA’s New Operational Resilience Requirements – Webinar Recording
https://complyport.com/free-webinar-meeting-the-fcas-new-operational-resilience-requirements/
Tue, 25 Jan 2022 12:07:21 +0000

The release of the FCA’s Operational Resilience Policy (PS21/3) outlines new rules coming into force on 31 March 2022. Firms that fall within scope must have identified their important business services, set impact tolerances for the maximum tolerable disruption, and conducted adequate mapping and testing.

Operational Resilience PS21/3 Webinar

To help firms become compliant by 31 March 2022, Complyport hosted a free webinar, Meeting the FCA’s New Operational Resilience Requirements, on the 10th of February at 10:00am. Delivered by Darren Schindler and Pantelis Angelides, two of the industry’s leading subject matter experts on Operational Resilience for financial services firms, this webinar discussed what Operational Resilience means and provided practical examples of ways to update Operational Resilience policies in line with the regulator’s new expectations.


Watch Operational Resilience Webinar Recording

To watch a recording of our webinar, please complete the form below.

Once completed, you will be re-directed to the recording.


During this webinar, we:

  • Defined the meaning of Operational Resilience and why it matters to your firm,
  • Discussed the FCA’s PS21/3 consultation and requirements,
  • Analysed the new (or updated) relationship of Risk Management with Resilience,
  • Highlighted the practicalities of applying the new regulations including the utilisation of existing frameworks,
  • Considered recommended approaches to meet the deadline—including practical examples,
  • Answered questions from the audience.

About the speakers

  • Pantelis Angelides – Head of Cybersecurity and Co-Head of Operational Resilience Advisory at Complyport
  • Moderated by Jonathan Greenstein – Associate Director at Complyport

With combined experience exceeding 30 years, Darren Schindler and Pantelis Angelides are two leading experts in the field of Operational Resilience in the financial services sector. They have led Operational Resilience projects across the breadth of financial services, working with firms both large and small. Our speakers will guide you through the new requirements, helping ensure you understand the requirements and what they mean for firms like yours, as well as the practicalities of what your firm will need to complete before the fast-approaching deadline.

Operational Resilience – How Complyport can help?

Operational Resilience Impact Assessment

Complyport’s Operational Resilience Team can help regulated firms ensure they are prepared for the FCA’s Operational Resilience Policy by undertaking an Operational Resilience Impact Assessment. Following this review, our consultants will provide a report that will function as a roadmap, outlining what needs to be completed and by when to ensure compliance with the new requirements by 31 March 2022.

As part of our Operational Resilience Impact Assessment we can:

  • Present an assessment of your Operational Resilience framework in line with the FCA’s Operational Resilience Policy.
  • Outline gaps within your Operational Resilience framework.
  • Support the definition/redefinition of your approach towards the risk scenarios of operational disruptions and the optimisation of the continuity strategies and tactics to improve your operational resilience posture.
  • Provide a summary of the Operational Resilience framework arrangements and mechanisms that need to be in place to comply with the new Operational Resilience Policy requirements.

Ongoing Operational Resilience Support

Following the Operational Resilience Impact Assessment, Complyport can help ensure your firm maintains compliance with the regulations after the 31st of March of 2021.

To discuss the ongoing maintenance and support associated with Operational Resilience, please contact us via the form below to arrange a call with one of our specialist consultants.

At Complyport, we have a deep understanding of Operational Resilience and of helping regulated firms achieve it. Our team operates on a global scale across multiple jurisdictions and we offer a tailored service to perfectly match your company’s requirements.

Interested in learning more about our services?

For a free Operational Resilience consultation, please email Jan Hagen via jan.hagen@complyport.co.uk now to schedule a call.

Update Systems and Processes or Risk Failure to Meet Operational Resilience Deadline

https://complyport.com/update-systems-and-processes-or-risk-failure-to-meet-operational-resilience-deadline/

Tue, 11 Jan 2022 10:59:26 +0000

A premium service led by Cybersecurity, Risk, and Organisational Resilience experts helps firms prepare for new expectations from UK financial regulators.

LONDON – With a new policy from the Financial Conduct Authority (FCA), the Prudential Regulation Authority (PRA) and the Bank of England due to come into effect on 31 March 2022, the countdown is on for firms to ensure that their systems and processes are up to date with the new Operational Resilience requirements. City-based governance, risk and compliance consultancy, Complyport, reminds firms regulated in the UK to get ahead of the regulatory curve by dealing with this significant regulatory requirement well in advance.

Complyport’s Operational Resilience Support service, co-led by Darren Schindler and Pantelis Angelides, experts in Cybersecurity, Risk, and Organisational Resilience, helps clients adapt their systems and processes for the new rules and provides ongoing support for continued compliance. With firms expected to continue appropriate testing of their resilience plans to demonstrate that they can operate within their impact tolerances by 31 March 2025, work on compliance with the new policy is expected to continue well after the upcoming 2022 deadline.

Darren Schindler, Co-Head of Complyport’s Cybersecurity and Operational Resilience Advisory, said:

“Without a thorough resilience strategy and appropriate processes and mechanisms for managing key operational functions, businesses leave themselves and the financial markets exposed to potentially significant risks. These new regulations create an opportunity to tackle these risks head-on and Complyport’s Operational Resilience Support service is here to ensure that regulated firms receive the help they need to navigate the complex process of adapting to and continually complying with the regulator’s new expectations on operational resilience.”

Pantelis Angelides, Co-Head of Complyport’s Cybersecurity and Operational Resilience Advisory, said:

“The events of the past two years have sharply reminded us that resilience is fundamental for protecting the value and, on many occasions, survival of a business. Firms not only have to be able to keep up with evolutions in the industry, but also endure major disruptions and crises caused internally or by external events which can in some cases be unprecedented. Proper planning, robust risk management, regular testing, and effective monitoring of performance are just some of the ways that firms can ensure ongoing operational resilience in such volatile times. Our team are on-hand to provide bespoke advice for firms readying themselves to comply with the upcoming new regulations from March 31st and beyond.”

Users of Complyport’s Operational Resilience Support service receive a thorough Operational Resilience Impact Assessment which will form the basis of a roadmap of necessary changes to ensure compliance by 31 March. This will include:

  • Identifying gaps in existing Operational Resilience frameworks
  • Support with (re)defining firms’ approach to risk scenarios of operational disruptions
  • Optimisation of continuity strategies
  • Tactics to improve operational resilience posture
  • A summary of framework arrangements and mechanisms that need to be in place to comply with new Policy requirements

Users also have the option of support with maintenance of new Operational Resilience frameworks beyond the March 31st deadline to ensure ongoing compliance and resilience benefits.

For more information about Complyport’s Operational Resilience Support service, visit: https://complyport.com/operational-resilience-support/


ENDS

Notes to Editors:

For media enquiries contact:

John Kaponi, J7 Communications: +44 787 554 2969 / john.kaponi@j7comms.com

Hannah Ritchie, J7 Communications: +44 790 440 4439 / hannah.ritchie@j7comms.com

ABOUT COMPLYPORT:

Complyport is a leading compliance and regulatory consultancy providing bespoke, practical solutions for all manner of regulated firms both in the UK and overseas. Their expert authorisations team have assisted with 1,000 successful FCA and EU authorisations to date. Their specialist compliance services expertise can either sit alongside current compliance teams or, for an independent solution, they can bring their team in-house. Established in 2002, Complyport combines former regulators, industry practitioners and legally qualified individuals to offer clients an unparalleled, professional team.

ABOUT PANTELIS ANGELIDES:

With more than 20 years of experience in Security, Risk, and Organisational Resilience, Pantelis has served as a trusted security advisor for top executives in sectors such as financial services, healthcare, law, manufacturing, and critical infrastructure facilities. He is a keen security strategist with extensive knowledge of a wide range of physical and digital security aspects and a rich track record of managing and delivering successful cybersecurity, Data Protection and Resilience projects. Pantelis is an elected member of the UK’s Security Institute, a full member of the Association of Security Consultants, and a level-3 Certified Vocational Trainer.


ABOUT DARREN SCHINDLER:

Darren is the Co-Head of Operational Resilience Advisory of Complyport. He brings over 20 years of C-Level financial services experience, having worked at a variety of firms including Metro Bank, Barclays Bank, HBOS PLC, Thomas Cook Money and more. Darren refined his Operational Resilience skills during his time at Metro Bank, where he helped design, create, and launch their Business & Commercial Banking proposition, and at Thomas Cook Money, where he was involved in the planning, development and launch of a new challenger bank. In addition, Darren has held senior positions in a number of fintech businesses where he has been responsible for regulatory oversight, and he is currently contributing towards the creation of a global card and loyalty programme for a world-leading crypto trading platform. Darren is qualified as an Associate of the Chartered Institute of Bankers and an Associate of Corporate Treasurers Cash Management Certificate.

Managing the Risk to Your Firm & Dealing with the Regulatory Changes in Operational Resilience

https://complyport.com/managing-the-risk-to-your-firm-dealing-with-the-regulatory-changes-in-operational-resilience/

Tue, 11 Jan 2022 10:59:16 +0000

The release of the FCA’s Operational Resilience Policy (PS 21/3) outlines new rules coming into force on 31 March 2022. Firms that fall within scope must have identified their important business services, set impact tolerances for the maximum tolerable disruption, and conducted adequate mapping and testing.

Operational Resilience Framework

The FCA reminds firms that maintaining operational resilience is important for consumers, firms, and financial markets. It ensures that firms can prevent, adapt to, respond to, recover from, and learn from operational disruptions. The FCA’s new policy goes beyond traditional Business Continuity and disaster recovery management, with a streamlined mandate focused on those processes that matter most from the perspective of clients and of the financial markets in general.

The new rules and guidance relating to operational resilience will apply to a broad range of firms including banks, building societies, designated investment firms, insurance firms, e-money, and payment services firms. These rules and guidance will come into force on 31 March 2022.

What does the FCA expect?

  • In its Dear CEO letter, the FCA reminded firms that it expects them to invest in their systems to ensure that they keep pace with the growth of their business and remain fit for purpose.
  • Firms are expected to identify all significant harms related to the activities they undertake. The FCA provides some examples of potential harms caused by the activities of different firms in its finalised guidance on assessing adequate financial resources, FG 20/1, including:
    • Firms advising on corporate finance deals may fail to apply appropriate due diligence
    • Non-bank lenders may fail to check customers’ affordability, inappropriately chase them when in arrears, or have practices not in line with customers’ best interests
    • Payment services firms may fail to have resilient systems and controls
  • Firms must have contingency and/or response plans in place to deal with operational disruptions and ensure that the plans have been tested.

Summary of PS21/3 and what firms should do

In March 2021 the FCA released PS21/3, which set out the final rules on operational resilience. The FCA expects the policy statement to promote three main objectives:

  • Build the resilience of the market to continue to function as effectively as possible and quickly return to full operations following a disruption and reduce risk to market integrity.
  • Firms can look at improving their operational resilience as a way of retaining customers and promoting effective competition.
  • In identifying their important business services, setting impact tolerances, and restoring their important business services quickly after a disruption, firms can ensure a greater level of consumer protection.

The proposals outlined in the policy statement for the purposes of operational resilience, among others, require firms to:

  • Identify their important business services at least once a year, or whenever there is a relevant change to their business or the market in which they operate
  • Set their impact tolerances at the first point at which a disruption to an important business service would cause intolerable levels of harm to consumers or risk to market integrity
  • Have internal and external communication strategies in place to respond quickly and effectively to reduce the harm caused by operational disruptions
  • Compile a self-assessment document which shows how they meet the FCA’s operational resilience requirements
  • Make sure the plans in place are tested and lessons learned are utilised for the readjustment of the impact tolerances and improvement of the operational resilience of the firms.

Upcoming milestones for Operational Resilience include

  • Implementation of new requirements and expectations to strengthen operational resilience in the financial services sector by 31 March 2022
    • Firms will then have a further period to show that they can remain within their impact tolerances for each important business service by 31 March 2025
  • Publication of Discussion Paper in 2022
  • Consultation Paper to set out policy proposals that outline what information should be submitted by banking and insurance firms when operational incidents occur, planned for the first half of 2022

How can Complyport help?

If the information above has raised any questions or you think your firm may require assistance with complying with the relevant requirements of the new Operational Resilience framework, please contact Jan Hagen via jan.hagen@complyport.co.uk, and book in a free consultation.

Our teams are ready to guide and support your firm in numerous ways, namely in:

  • Identifying important business services
  • Setting impact tolerances
  • The transitional arrangements
  • Scenario testing
  • Compiling a self-assessment document
  • Any collateral service pertaining to the resilience of your processes and systems, namely physical and digital security, operational risk management and data protection

About Complyport

Complyport is a market-leading consulting firm supporting the UK financial services industry for over 20 years. We specialise in providing Governance, Risk and Compliance services to support the regulated financial services industry to raise standards and thrive.

Complyport advises and assists firms to become authorised and to comply with the rules and requirements of regulators on an ongoing basis. Our vision is to be there for our clients every step of the way, helping them change, grow, and excel through expertise, insight, and innovation, and in so doing to become our clients’ most valued supplier and trusted advisor.

We have successfully assisted over 1000 firms to become authorised with the FCA and EU and are providing regulatory support to over 600 regulated firms on an ongoing basis globally. With presence in the UK and EU, as well as via our Associates Network, Complyport can assist firms across multiple jurisdictions.

Complyport’s multidisciplinary consultants possess deep expertise in their field, having acted in FCA skilled person reviews, as expert witnesses in legal cases and as expert investigators for firms or their legal advisers.

Day to day, we conduct audits and reviews of a firm’s products, systems, processes, policies, and procedures to identify scope for business, to determine the impact of regulatory developments and to verify compliance with local regulations. Our clients tell us we live our values; we are driven, agile and collaborative.
