A-Team Insight Blogs

The FCA’s Warning on Operational Resilience

Share article

By Paul Roberts, CEO, Milestone Group.

The FCA annual report is out and it’s not just Brexit under the microscope. As expected, operational resilience continues to be an area of concern, building on the issues raised in their business plan of 2019/2020 in April. It’s clearly an area they feel deserves more attention. And it’s not just the FCA, other regulators have all raised similar such as European Securities and Markets Authority (ESMA), Luxembourg Commission de Surveillance du Secteur Financier (CSSF); and Central Bank of Ireland (CBI).

Operational resilience is an area of risk that continues to climb the risk league tables and regulators in multiple jurisdictions are taking it seriously. However, customers, investors and investment management firms can incur significant financial losses and reputational damage from disruptions to the outsourcing relationships they have in place. And while it may seem like a less obvious area of concern for some, in comparison to financial crime for example, for institutions on the buy and sell-

side, operational resilience is right up there as a priority. Or at least it should be.

Look no further than recent fines levied by the Central Bank of Ireland on the basis of clarity in controls around outsourcing arrangements, which in itself speaks directly to the importance of operational resilience.

These types of risks are a step beyond what we normally think of as pure operational risk, as they highlight the infrastructure interdependencies among financial services participants and third-parties. Fundamentally, firms can outsource certain functions, but they cannot outsource the responsibility.

One area of increasing importance for those across the fund industry is the ability to calculate and publish a backup NAV under any disruption scenario, including a complete service provider outage. This speaks directly to the theme of operational resilience. If this were to arise it would have serious consequences for the firm as an accurate NAV is the basis for the price of a unit or share of the fund in question. This is something that many firms outsource fully or in part to third-party providers. Yet,

crucially, the firm retains all regulatory responsibility. Third-party administrators are not responsible entities that carry fiduciary liability and while firms recognise this, few have addressed this need for operational resilience. For those that have, there is a wide variation in approach and effectiveness.

Many firms still rely heavily on spreadsheets and reports from outsourcers in overseeing their NAVs. If this is the case, how can a firm responsible for billions in assets declare they have effective oversight, let alone contingent or backup NAV capabilities, in response to this new regulatory theme of operational resilience?

The truth is they can’t. The bar is being raised when it comes to market practice and firms need to take a holistic approach and consider how best to satisfy both clients and regulators of their operational resilience. Insuring against NAV outages by deploying purpose-built and proven solutions will allow firms to strengthen this key area of operational resilience. If their current models fail at any point, this approach will protect their investors and satisfy the regulators.

Leave a comment

Your email address will not be published. Required fields are marked *

*

Related content

WEBINAR

Recorded Webinar: Privacy vs. Surveillance: Managing conflicting regulations in Germany and other privacy-sensitive jurisdictions

The EU’s MiFID II and other regulations globally have placed greater emphasis than ever on market surveillance, recording of trading communications and records-retention processes in an attempt to stamp out market abuse and boost investor confidence and protections. At the same time, the public’s attitude toward data privacy has hardened, most visibly through new regulations...

BLOG

FCA Urges Greater Cyber Resilience

The number of cyber incidents financial services firms reported to the Financial Conduct Authority (FCA) soared in 2018, and the watchdog is now calling on regulated firms to develop greater cyber resilience to prevent attacks and operational resilience to recover from them. According to data recently acquired by accountancy firm RSM under the Freedom of...

EVENT

Breakfast Briefing: Meeting the Data Requirements of FRTB London

The Fundamental Review of the Trading Book (FRTB) Breakfast Briefing, will examine how the capital markets industry is approaching FRTB data management and will look at the implications for the ways that firms source, manage and store data for FRTB compliance.

GUIDE

RegTech Suppliers Guide 2019

Welcome to our brand new RegTech Suppliers Guide. This unique guide provides detailed data profiles on close to 100 suppliers in the RegTech world, offering you an unrivalled selection of solutions for your most pressing financial regulatory challenges. The aim of the A-Team’s RegTech Suppliers Guide is to steer you through this complex marketplace, offering...