UK regulators have given British financial service firms three months to explain how they can avoid damaging IT breakdowns and respond to cyber-attacks.
The Bank of England and the Financial Conduct Authority have told British banks and other financial services firms to report back by Oct. 5 on their exposure to risks and how they would respond to outages.
The challenges for operational resilience have become even more demanding given a hostile cyber-environment and large scale technological changes according to the FCA.
Recent events, such as the inability of customers of bank TSB to access their online accounts and problems at payments firm Visa, have highlighted the vulnerability of the banking system to technology failures.
In a joint statement, FCA chief Andrew Bailey and BoE deputy governor Jon Cunliffe, say: “Operational disruption can impact financial stability, threaten the viability of individual firms and financial market infrastructures, or cause harm to consumers and other market participants in the financial system.”
The growing risk of disruption is in large part down to moves by financial firms to upgrade their computer systems to cope with the rise of tech-savvy competitors and growing consumer demand for instant services.
With the operational risks of a significant IT breakdowns becoming increasingly apparent, the watchdogs say that banks should have backup plans in place to enable full recovery within two working days.
The concepts of the approach include focusing on the continuity of the most important business services as an essential component of managing operational resilience, setting board-approved impact tolerances which quantify the level of disruption that could be tolerated, and planning on the assumption that disruption will occur as well as seeking to prevent it.
Earlier this month, The Financial Conduct Authority expanded its regulatory sandbox, adding a number of RegTech’s to the initiative’s fourth cohort. The FCA said it received 69 applications to cohort four, an increase on the previous year, with 29 being successful. Its regulatory sandbox allows firms to test innovative products, services or business models in a live market environment, while ensuring that appropriate protections are in place.
Copyright © 2018 RegTech Analyst
Copyright © 2018 RegTech Analyst