Operational resilience and financial resilience were at the front of the regulators mind last year, and the COVID-19 pandemic provided a practical test for many organisations of their business resilience capabilities. In this section we bring together the key areas of consideration to ensure your organisation is resilient, not just for the current crisis, but for the potential second wave of COVID-19, and any other future crises, be it climate change, geo-political instability or technological disruption.
- Operational resilience
- Cyber resilience
- Outsourcing and third party risk management
- Recovery resolution planning
- Prudential regime for investment firms
- Collections and recoveries
- Climate risk
- Environment, social and governance risks
Financial Crime is an increasing concern for all financial institutions. Preventing and detecting financial crime is rapidly evolving to be one of the biggest challenges for financial institutions, the impact of which extends well beyond monetary losses to reputation and brand, employee morale, business relations and regulatory censure.
- Market abuse and surveillance
Across the financial services sector, organisations are undertaking increasing volume and complexity of change, delivered as part of projects and programmes that make up large change “portfolios”. This is set to increase in light of the recent pandemic and changes to the future economic outlook.
- Programme assurance
- Portfolio assurance
- Post-COVID-19 transition
- Authorisation activity
- Cost management
- IFRS 17
Cyber security continues to be a top priority for regulators, with increased expectations on firms to produce detailed real-time IT risk reporting. AI and robotics are driving innovation across the industry, and the increased move to cloud-native technologies represents a significant change to organisations’ technological footprint and expertise requirements of employees. Customers increasingly expect to be able to access their information and manage their accounts at all times and from a range of devices, all of which need to run smoothly and be secure.
- Technology architecture and IT risk reporting
- Cloud migration
- IT development and operations
Conduct risk has been dominated in 2020 by COVID-19. As the seriousness of the situation became clear towards the end of Q1, the FCA moved quickly to announce a series of measures for firms to try and help ease the financial burden on customers who may have been affected, furloughed or even lost their job. The measures were set out in various papers in a very short period of time, as the FCA along with other regulators moved to try and protect the economy, customers and financial services firms themselves.
- Treatment of vulnerable customers
- Customer journey
- Insurance pricing and product value
- Policy coverage
- Suitability of advice
- Trade and transaction reporting & algorithmic governance and control
Now more than ever, it is imperative that organisations proactively manage their workforce risk. They need to combine strong governance and leadership, a clear diversity and inclusion strategy underpinned by data analytics, a cohesive culture with supporting behavioural frameworks, and flexibility which empowers the workforce and encourages a strong focus on wellbeing. These four factors, when combined with a clear organisational strategy and supported by strong people processes, will allow organisations to continually adapt and improve to effectively manage workforce risk.
- Governance and leadership
- Diversity and inclusion
- Flexibility and wellbeing
- Culture and behaviours
- Workforce planning