The UK’s operational resilience framework prioritises the need for governance and accountability within financial services firms. These regulations determine that the ultimate responsibility for the internal resilience of a firm will rest with senior management and the board of directors. For firms to be compliant, they must assess their internal structures and frameworks to ensure there is clear board-level ownership and accountability of the operational resilience strategy.
The Role of Senior Leadership in Operational Resilience
Recent regulations, including those passed by the Financial Conduct Authority (FCA), outline specific responsibilities for the board of directors and senior leadership. Key strategic decisions, such as identifying important business services and determining impact tolerance thresholds, must be formally reviewed, challenged and approved by the board. In the UK, the Senior Managers and Certification Regime (SM&CR) reinforces this by directly linking the accountability of senior leadership to the firm’s operational resilience. The board is required to approve a comprehensive self-assessment document, which must be updated annually at least, or more often, to reflect significant operational business changes. This document provides clear evidence to regulators that the board and senior management are taking an active role in governing operational resilience within the firm.
How can Firms Embed Accountability From the Top Down?
Accountability must be embedded within financial services firms, and a structured approach should be taken to cascading this accountability throughout the organisation. This involves applying board-level principles to operational business practices that can help to foster a culture of accountability and ownership. To achieve this, firms should take the following steps:
- Establish Clear Ownership: All critical systems and processes should be thoroughly documented, and individual ownership should be defined and documented, including clear oversight of third-party accountability
- Use Quantitative Metrics: Firms must transition from qualitative measures often used by boards to track the outcomes from scenario planning or vulnerability testing in specific quantitative terms
- Link Accountability to Performance: Resilience-related objectives should be integrated into the performance frameworks for senior management as a core professional responsibility and therefore a key objective
- Adopt a “Resilience by Design” Culture: Developing a culture of ownership and accountability will embed operational resilience into the operational and change management processes of the firm, turning it into a key consideration for decision-making
Effective governance and senior leadership accountability are key to implementing and successfully managing a modern operational resilience framework. Resilience should be embedded at board level and cascaded down throughout the organisation. Adopting a “resilience by design” approach will create a resilient culture that utilises centralised, data-driven insights and considers resilience in all senior management decisions. Does your board understand its resilience obligations?
Contact our experts today to formalise ownership, embed metrics, and drive cultural change from the top.
