Almost a third of financial firms have work to do on Operational Resilience
Just four months before the deadline for full compliance with the Financial Conduct Authority’s Operational Resilience legislation, research from managed service provider Parseq indicates that almost a third of financial institutions are not fully confident in their ability to meet the new rules.
The FCA’s new rules aim to improve the resilience of the UK financial sector by ensuring that organisations within it can prevent and respond effectively to operational disruptions that would cause harm to consumers or instability in the financial system. They apply to various financial institutions, including banks, building societies, insurers, investment firms, and payment service providers.
Just 69% of leaders at financial firms questioned by Censuswide researchers for Parseq said they were ‘very confident’ that their internal operations, processes and procedures would fully comply with the new Operational Resilience legislation by the 31 March 2025 deadline. 2% of those surveyed said they had no confidence that they would meet this deadline for compliance.
There was a greater level of confidence in the ability of outsourcing partners to comply with the new rules. 74% of leaders said they were ‘very confident’ that functions performed for them by third-party suppliers would fully meet the new requirements before the deadline. The FCA has stated that firms are responsible for ensuring they remain within impact tolerances required by the legislation for important business services, regardless of whether they use external parties to provide them.
Leaders of large financial institutions are much more confident in their ability to comply with Operational Resilience legislation. 88% of those working at firms with more than 250 people said they were ‘very confident’ in their compliance with the new rules, and 94%expressed the same belief in their outsourcing partners. In contrast, just 58% of leaders at financial SMEs were ‘very confident’ they would comply themselves, rising to 62% for third-party suppliers.
Gordon MacKinnon, director of client services and growth at Parseq, comments: “Financial institutions raced to enhance their IT systems when the Operational Resilience guidelines were published. When the audits start, we suspect the FCA will find greater room for improvement in back-office functions that rely more heavily on people, such as inbound customer communications, contact centre operations and cheque processing.”
“Big players have less to worry about here. They already have pretty resilient systems, often from working with third parties that have robust business continuity and stringent SLAs baked into their offerings. Smaller institutions that handle these important back-office services in-house will be more exposed in the event of a major technical, people or facility failure.”