Operational resilience is the preparedness and existence of resilient IT systems, processes and resources to provide services continuously during a disruption. This study examines the operational resilience implementation challenges and opportunities for UK building societies and wider financial institutions. The key challenges are resource constraints, understanding regulatory requirements, supplier concerns, domain knowledge, legacy systems and manual-driven processes. Some challenges are being addressed with awareness and training, improved governance and risk management, recruitment and industry support networks. The opportunities include realising the actual state of IT systems, adopting cloud solutions, resources and capabilities, as well as improved domain knowledge and a better understanding of services and markets. Regulators need to be more explicit about their expectations and requirements, while the industry needs to collaborate on setting up common frames of reference for operational resilience frameworks. Lastly, the study provides a holistic view of operational resilience, including its implementation and management challenges, control measures and emerging opportunities.
Read full abstract