Skip to navigation Skip to main content Skip to footer

30 September 2024

The Operational and Organisational Resilience in Financial Services Conference

 

The recent Operational and Organisational Resilience in Financial Services Conference, held at the prestigious Law Society Hall in London, brought together industry leaders, experts, and professionals for a pivotal exchange of insights, best practices, and innovative strategies in operational resilience.

As a Diamond Sponsor, Escode was proud to contribute to discussions on the latest trends and strategies shaping the future of operational resilience. In a sector facing an increasingly complex landscape, operational resilience, and third-party risk management remain critical priorities. 

Overview of the Conference

The conference brought together an impressive line-up of speakers from leading institutions, including the Bank of England, Royal London, Santander, NatWest, HSBC Nationwide Building Society, the Financial Conduct Authority (FCA), and many more. Key discussions focused on developing and measuring maturity in testing practices to ensure high-quality assessments of operational resilience. A central theme throughout the day was scenario testing, recognised as a critical tool for identifying vulnerabilities and enhancing exit plans, especially in light of upcoming regulatory expectations such as the Digital Operational Resilience Act (DORA).

As industry challenges continue to grow, the insights shared during the event provided valuable perspectives on aligning operational resilience frameworks with risk management, ultimately streamlining business services and ensuring compliance with regulatory guidance.

 

 

Wayne Scott’s Keynote Address

A standout feature of the conference was the presentation by our Regulatory Compliance Solutions Lead, Wayne Scott. His keynote address covered several pivotal topics crucial for financial professionals engaged in operational resilience and third-party risk management.

Key Topics Covered

  • Financial Instability and Supplier Failure: Understanding the chain reaction from supplier failure to global financial instability.
  • Preventive, Detective, and Corrective Controls: Exploring effective measures to mitigate risks and enhance resilience.
  • Stressed Exit Planning: Discussing the essentials of planning for exits under stress, identifying areas for improvement, and strategies to maximise outcomes.
  • Supply Chain Requirements: Analysing what regulated entities need from their supply chains, common pitfalls, and how to turn these challenges into advantages.
  • Opportunities in Regulatory Change: Highlighting the opportunities that come with regulatory changes and how to prepare for them effectively.

Stressed Exit Planning and Scenario Testing

Wayne placed significant emphasis on stressed exit planning, particularly in light of the EU’s DORA regulation, which mandates the development of stressed exit plans for all critical suppliers. Wayne outlined key steps for developing effective stressed exit plans:

  • Establishing Legal Rights: Securing the legal right to access essential information about critical third-party software in the event of supplier failure is fundamental.
  • Knowledge Transfer: Ensuring that key personnel have access to the necessary resources and information is vital for operational continuity during a stressed exit.
  • Scenario Testing: Organisations must subject their stressed exit plans to rigorous scenario testing, including scenarios of a supplier's insolvency, to ensure effectiveness and identify areas for improvement.

The importance of scenario testing resonated throughout the day, highlighting how it is a proactive measure in risk management. Organisations must continually assess their preparedness for potential disruptions, enabling them to adapt swiftly to changing circumstances.

 

Wayne stressed the need to shift from corrective to preventive and detective controls, advocating for a proactive approach to third-party risk management. He explained how software escrow serves as an effective solution, allowing organisations to manage risks associated with third-party software providers efficiently.

An increasing number of global regulators recognise software escrow as a vital component of stressed exit plans. Software escrow agreements involve a third-party holding source code and other intellectual property, ensuring access during a stressed exit. By implementing escrow agreements and verification with third-party software suppliers, institutions reliant on outsourced software can gain access to the necessary resources for rebuilding and maintaining critical software.

Software escrow verification involves confirming that the source code and associated documentation are not only deposited but also up-to-date and functional. By conducting these verifications, organisations can simulate potential failure scenarios, ensuring they are prepared to rebuild and maintain critical software applications in the event of vendor insolvency or failure.

The Operational and Organisational Resilience in Financial Services Conference provided invaluable insights into best practices and innovative strategies in operational resilience. As we continue our commitment to strengthening operational resilience, we look forward to supporting your organisation in navigating these challenges and enhancing your resilience.

Interested in learning more about our Software Escrow Services?

Skip to navigation Skip to main content Skip to footer