The value of Operational Resilience is increasingly evident as disruptions increase.
Protecting critical operations supports all stakeholders including customers. Anticipating what might go wrong and taking steps to prevent it, respond and recover, ensuring ongoing delivery of products and services is now expected.
Regulators across the globe have declared Operational Resilience as a key objective for operational risk management for financial institutions. OSFI’s revised Guideline E-21 is expected in draft in Spring 2023 with expectations already set through an industry letter and consultations. Aside from the regulatory focus, and more importantly, operational resilience is a prudent business practice.
Risk Management practices and capabilities encompassed in Operational Resilience include:
1. Identifying and analyzing critical operations, interconnections and interdependencies;
2. Identifying and addressing risks;
3. Articulating risk appetite and setting risk tolerances for operational risk;
4. Using scenarios and testing to assess resilience capabilities; and
5. Preventing, responding, adapting, recovering and learning from operational disruptions.
The work required to respond depends on firms’ current practices and integration with existing processes is likely possible.
Experience suggests the largest piece of work will be identifying and analyzing critical operations. Value comes in pro-actively addressing potential disruptions, particularly those causing harm to consumers.
If you would like to discuss approaches and how we might assist in your journey to demonstrate operational resilience through consulting assistance and / or systems support, please reach out.
Ethidex - Consulting Ethidex - ASSESS software