Just four months before the deadline for full compliance with the Financial Conduct Authority’s Operational Resilience legislation, research from managed service provider Parseq indicates that almost a third of financial institutions are not fully confident in their ability to meet the new rules.
The FCA’s new rules aim to improve the resilience of the UK financial sector by ensuring that organisations within it can prevent and respond effectively to operational disruptions that would cause harm to consumers or instability in the financial system. They apply to various financial institutions, including banks, building societies, insurers, investment firms, and payment service providers.
Just 69 percent of leaders at financial firms questioned by Censuswide researchers for Parseq said they were ‘very confident’ that their internal operations, processes and procedures would fully comply with the new Operational Resilience legislation by the 31 March 2025 deadline. Two percent of those surveyed said they had no confidence that they would meet this deadline for compliance.
There was a greater level of confidence in the ability of outsourcing partners to comply with the new rules. Seventy-four percent of leaders said they were ‘very confident’ that functions performed for them by third-party suppliers would fully meet the new requirements before the deadline. The FCA has stated that firms are responsible for ensuring they remain within impact tolerances required by the legislation for important business services, regardless of whether they use external parties to provide them.
Leaders of large financial institutions are much more confident in their ability to comply with Operational Resilience legislation. Eighty-eight percent of those working at firms with more than 250 people said they were ‘very confident’ in their compliance with the new rules, and 94 percent expressed the same belief in their outsourcing partners. In contrast, just 58 percent of leaders at financial SMEs were ‘very confident’ they would comply themselves, rising to 62 percent for third-party suppliers.
Gordon MacKinnon, Director of Client Services and Growth at Parseq, comments: “Financial institutions raced to enhance their IT systems when the Operational Resilience guidelines were published. When the audits start, we suspect the FCA will find greater room for improvement in back-office functions that rely more heavily on people, such as inbound customer communications, contact centre operations and cheque processing.”
“Big players have less to worry about here. They already have pretty resilient systems, often from working with third parties that have robust business continuity and stringent SLAs baked into their offerings. Smaller institutions that handle these important back-office services in-house will be more exposed in the event of a major technical, people or facility failure.”