Skip to navigation Skip to main content Skip to footer

PRA SS2/21 Compliance Guide

Download our guide to learn about PRA SS2/21 requirements and how to ensure compliance.

Download Now

         

A Roadmap to Operational Resilience

Inside the guide:

  • PRA SS2/21 Regulatory Overview: A clear breakdown of the Bank of England’s expectations for third-party risk.
  • Materiality & Risk Assessments: How to identify 'critical or important' services and conduct vendor due diligence.
  • Resilient Contractual Frameworks: Strategies to strengthen third-party agreements and software supply chain security.
  • Stressed Exit Planning: Expert guidance on documenting and testing plans to prevent total operational lockout.
  • The Role of Software Escrow: Why the PRA advises firms to 'actively consider' escrow for long-term resilience.

Download the guide to learn more about the PRA SS2/21 requirements and how to ensure compliance.

Fill in the form for your PRA SS2/21 Compliance Guide


By submitting this form you consent to receive correspondence from Escode. We will not sell your personal information. You can unsubscribe at any time. Privacy Policy.

           

 

Assessing Your Firm’s Compliance with SS2/21

The Prudential Regulation Authority requires firms to demonstrate that their outsourcing and third-party risk management is operationally resilient. Under the current supervisory statement, firms must be able to evidence:

Documented Materiality

A clear methodology for identifying "critical or important" business services.

Identify Critical Services

Viable Exit Plans

Evidence that stressed exit strategies have been tested and are executable without vendor assistance.

Validate Your Stressed Exit Strategy

Access to Proprietary Assets

Guaranteed legal and technical access to source code and data in the event of vendor insolvency.

Secure Your Technical Access Rights

 

Business Continuity Proof

Independent verification that the software supporting important business services can be recovered within your RTO.

Verify Your Recovery Objectives

 

Regulatory alignment shouldn't be a manual burden

Our SS2/21 Compliance Framework simplifies the transition from theory to auditable resilience. Use our structured methodology to categorise your material outsourcing and define technically viable stressed exit plans for your most critical business services.

Download the PRA Compliance Framework

From Compliance Gap to Operational Resilience

Identifying your material risks is only the initial phase of SS2/21 alignment. For 'critical or important' business services, Software Escrow provides the definitive technical safety net.

By securing a verified deposit of your vendor’s source code and critical material in a neutral repository, Escode ensures your firm retains the legal and technical capability to maintain operations should a third party fail.

✓ Evidence Regulatory Compliance: Directly satisfy PRA SS2/21 expectations for 'active consideration' of escrow in stressed exit planning.
Validate Stressed Exit Plans: Move beyond contractual clauses to a 'Plan B' that is technically verified and executable under stress.
Mitigate Concentration Risk: Protect your most critical business services from the systemic impact of unplanned vendor insolvency.

 

Expert Support for Your SS2/21 Strategy

Navigating the complexities of third-party risk management requires more than a guide. Our specialists can facilitate a comprehensive Gap Analysis of your material outsourcing, providing expert recommendations to ensure your stressed exit planning meets the Bank of England’s resilience standards.

Contact our Compliance Specialists

 

Skip to navigation Skip to main content Skip to footer