AFME: Pandemic forced better data and technology resilience to combat operational risk
24 September 2021 UK
Image: areebarbar
The COVID-19 pandemic provided an increased level of data and technology resilience for the financial sector to prepare and fight operational risks, agreed a panel at this year’s Association for Financial Markets in Europe (AFME).
Panel moderator Emmanuel Le Marois, associate director, technology and operations, at AFME, asked the panellists how the understanding of operational resilience had evolved over the last 18 months and what influence the pandemic is likely to have on the future approach toward tackling and affirming operational resilience.
Andrew Retrum, managing director, global financial services at Protiviti, said: “During the pandemic, many firms began to look to build upon what they already had in terms of operational resilience against cyber attacks and third party risks, especially. These aren’t new topics or concepts, of course, but many businesses are now taking more notice of those issues and are better prepared for the inevitability of their next impactful problem.”
Discussing the issue of cyber security further, Retrum added: “It’s been quite a year, a golden age of ransomware, with significantly impactful events that caused severe disruption of services. Many organisations within the financial sector are now more focused on large impactful cyber events, not just how to prevent them but how to recover and/or minimise their impact.”
Discussing the pandemic from more of a governance perspective, Annik Bosschaerts, COO and executive director of Bank of New York Mellon SA/NV, commented: “As an industry we responded well even when moving to a remote working environment to continue to provide essential services.”
“It was striking — the impressive level of collaboration and dialogue with regulators and governance bodies. That enabled an impressive response to the challenges that popped up. There was an increased focus on safety for ourselves and on the mental wellbeing of our employees, which has been a key area of focus for us and continues to be through the ongoing pandemic situation.”
She added: “The pandemic also highlighted the importance of digital solutions, and influenced clients to use digital solutions in a more active way, as well as the importance of having the right data and granularity of data accessible and available, up and down the supply chain.”
Echoing Bosschaerts’ sentiment, Russell Jackson, head of division for UK global banks, of the Bank of England said: “There was resilience — a pivot, en masse, to working from home practices, across the geographic footprint. It was a great example and test of resiliency to continue to be able to keep the financial sector running in that kind of environment. There was a greater adoption of digital channels and, very quickly, an renewed acceptance of utlising online financial services more often.”
When Le Marois asked the panellists for their predictions about the major and upcoming potential risks for the financial sector, Claus Sengler, head of section non-financial risk inspections / IT and operational risk and resilience at European Central Bank, commented: “You cannot wait until something happens, you have to plan for when it does.”
He added: “You need a management framework approach, to test plausible scenarios and ensure resilience in IT. The biggest risk is in the unknown — third party or even fourth, fifth and sixth party relationships dependencies to other services. The pandemic has certainly highlighted the need to ask the questions: ‘who do we do business with?’ and if one of these parties fail, what would be the consequence?’”
Bosschaerts added: “The pandemic was a great opportunity for a lot of institutions to learn best practice. There was an impressive collaboration and dialogue and an aligned taxonomy that will help global firms. Companies need support to access industry-wide alliances with third-party providers on concentrating risk.”
Toward the end of the panel discussion, an audience member asked: “Noting the increased focus on climate risk in prudential regulation, how are ESG and climate risk issues being integrated into firms' strategies for operational resilience?”
To which the Bank of England’s Jackson said: “This is an evolving consideration for the industry, the majority of the financial sector already have a focus for ESG considerations, especially for climate change. The increase in communication and dialogue the pandemic influenced will act as a blueprint going forward, as it has been critically important over the last 18 months.”
When asked how the financial sector could prepare itself to tackle operational risks in the future, European Central Bank’s Sengler affirmed: “Be prepared, stress testing makes it easier to act in a crisis.”
The Bank of England’s Jackson advised: “Really understand interdependencies that you yourself are running and how that runs within the wider system.”
Protiviti’s Retrum concluded: “Prepare — not just in your area of focus, but prepare with a broad view — investigate what other stakeholders across the sector are doing and keep that [momentum] going forward.”
Panel moderator Emmanuel Le Marois, associate director, technology and operations, at AFME, asked the panellists how the understanding of operational resilience had evolved over the last 18 months and what influence the pandemic is likely to have on the future approach toward tackling and affirming operational resilience.
Andrew Retrum, managing director, global financial services at Protiviti, said: “During the pandemic, many firms began to look to build upon what they already had in terms of operational resilience against cyber attacks and third party risks, especially. These aren’t new topics or concepts, of course, but many businesses are now taking more notice of those issues and are better prepared for the inevitability of their next impactful problem.”
Discussing the issue of cyber security further, Retrum added: “It’s been quite a year, a golden age of ransomware, with significantly impactful events that caused severe disruption of services. Many organisations within the financial sector are now more focused on large impactful cyber events, not just how to prevent them but how to recover and/or minimise their impact.”
Discussing the pandemic from more of a governance perspective, Annik Bosschaerts, COO and executive director of Bank of New York Mellon SA/NV, commented: “As an industry we responded well even when moving to a remote working environment to continue to provide essential services.”
“It was striking — the impressive level of collaboration and dialogue with regulators and governance bodies. That enabled an impressive response to the challenges that popped up. There was an increased focus on safety for ourselves and on the mental wellbeing of our employees, which has been a key area of focus for us and continues to be through the ongoing pandemic situation.”
She added: “The pandemic also highlighted the importance of digital solutions, and influenced clients to use digital solutions in a more active way, as well as the importance of having the right data and granularity of data accessible and available, up and down the supply chain.”
Echoing Bosschaerts’ sentiment, Russell Jackson, head of division for UK global banks, of the Bank of England said: “There was resilience — a pivot, en masse, to working from home practices, across the geographic footprint. It was a great example and test of resiliency to continue to be able to keep the financial sector running in that kind of environment. There was a greater adoption of digital channels and, very quickly, an renewed acceptance of utlising online financial services more often.”
When Le Marois asked the panellists for their predictions about the major and upcoming potential risks for the financial sector, Claus Sengler, head of section non-financial risk inspections / IT and operational risk and resilience at European Central Bank, commented: “You cannot wait until something happens, you have to plan for when it does.”
He added: “You need a management framework approach, to test plausible scenarios and ensure resilience in IT. The biggest risk is in the unknown — third party or even fourth, fifth and sixth party relationships dependencies to other services. The pandemic has certainly highlighted the need to ask the questions: ‘who do we do business with?’ and if one of these parties fail, what would be the consequence?’”
Bosschaerts added: “The pandemic was a great opportunity for a lot of institutions to learn best practice. There was an impressive collaboration and dialogue and an aligned taxonomy that will help global firms. Companies need support to access industry-wide alliances with third-party providers on concentrating risk.”
Toward the end of the panel discussion, an audience member asked: “Noting the increased focus on climate risk in prudential regulation, how are ESG and climate risk issues being integrated into firms' strategies for operational resilience?”
To which the Bank of England’s Jackson said: “This is an evolving consideration for the industry, the majority of the financial sector already have a focus for ESG considerations, especially for climate change. The increase in communication and dialogue the pandemic influenced will act as a blueprint going forward, as it has been critically important over the last 18 months.”
When asked how the financial sector could prepare itself to tackle operational risks in the future, European Central Bank’s Sengler affirmed: “Be prepared, stress testing makes it easier to act in a crisis.”
The Bank of England’s Jackson advised: “Really understand interdependencies that you yourself are running and how that runs within the wider system.”
Protiviti’s Retrum concluded: “Prepare — not just in your area of focus, but prepare with a broad view — investigate what other stakeholders across the sector are doing and keep that [momentum] going forward.”
NO FEE, NO RISK
100% ON RETURNS If you invest in only one asset servicing news source this year, make sure it is your free subscription to Asset Servicing Times
100% ON RETURNS If you invest in only one asset servicing news source this year, make sure it is your free subscription to Asset Servicing Times