Disaster Recovery Journal Summer 2023

ticular, it wants firms to understand what activities, when threatened, would affect customers, markets, and organizations at large. Under these guidelines, firms are expected to identify important business services and impact tolerances, establish strategies and systems to comply with requirements, and document a self-assess ment of their findings. Requirements will likely be published in 2023. The Basel Committee on Banking Supervision The Basel Committee on Banking Supervision sets regulation standards for its 63 central banks and authorities around the world. In 2021, it released its “Principles for Operational Resilience.” Its goal is to establish a principles based approach to operational resilience so that banks are better prepared to with stand events that may disrupt operations and affect operational resilience. Under these guidelines, banks are expected to identify their critical operations and map internal and external interconnections and interdependencies needed for operational resilience. These principles focus on: n Governance. n Operational risk management. n Business continuity planning and testing. n Mapping interconnections and interdependencies. n Third-party dependency management. n Incident management. n Resilient cybersecurity and ICT. The new principles are also aligned with the Basel III operational risk frame work. Basel III standards had an imple mentation deadline of Jan. 1, 2023. Canada’s E-21 Operational Risk Management Guidelines The Operational Risk Management Guidelines were released in 2016 for all of Canada’s federally regulated financial institutions (FRFIs). The goal is to ensure consistent application of sound opera tional risk management practices across industries and institutions.

Operational Resilience Requirements: What You Need to Know Now By MICHAEL BRATTON O rganizations around the globe are under increasing pressure to meet a growing list of regu latory requirements and guid ance. That’s especially true for financial organizations, both in the U.S. and abroad. The Bank of England, the United Kingdom’s Financial Conduct Authority (FCA), and Prudential Regulatory Authority (PRA)

The Bank of England, the UK’s Financial Conduct Authority (FCA), and Prudential Regulatory Authority (PRA) are setting the pace for operational resil ience standards for financial institutions. They released operational resilience standards in March 2021 that establish a framework and set minimum resil ience standards for all services critical third parties (CTPs) provide to firms and financial-market infrastructure firms. The Bank of England regulations focus mainly on how firms identify important business services and remain within their unique impact tolerances. In par

Some of these regulations are final, while others are in earlier stages. And depending on where you are, certain regulations may actually contradict or supersede one another – which will be especially challenging for companies that operate in multiple countries or regions. To help you keep the growing list of requirements straight, here’s a high-level look at the current regulatory landscape for financial institutions:

28 DISASTER RECOVERY JOURNAL | SUMMER 2023