QUESTION:  What is Operational Resilience?

Operational Resilience in our terms refers to the ability to continue to operate and support your client base despite difficult situations. That refers to any kind of business disruption; a pandemic such as we are facing today, an earthquake or any other business critical event.

It takes a view on how well set up the firm is with regard to technology and any other aspects of BCM.

Our aim is to ensure that there is BCM plan in place and that they are able to continue to support our clients, communicating appropriately internally and externally.

QUESTION: Who is accountable for Resilience?

It sits within the risk world, so the CRO needs to be sure they are resilient as firm and that they have back up plans and the appropriate infrastructure. While the CRO has overall responsibility, it is shared with other functional leaders

The BCM team ensures that they have a business continuity plan and that the correct communication channels are in place internally and externally.

The CIO is responsible for ensuring that they have the right technology infrastructure in place and that they have the right cyber protocols.

Those areas sit outside risk, so the CRO needs to bring those different areas together and ensure the overall strategy works.

QUESTION: What roles have you created or changed?

There have been no changes to roles or operating models yet. Cyber risk and resilience were already a key focus before the COVID-19 breakout so that continues.

The firm are in the process of consolidating feedback from clients and internal stakeholders about what they have done well and what went wrong. The plan is to learn from that and potentially make changes.

The firm needs to consider what their clients think, whether they responded to regulators on time and whether they minimised business impact. When they receive all of the feedback, they will make informed decisions about what needs to change .

QUESTION: What skill sets are in demand?

That hasn’t changed yet but moving forward it will be determined by the result of their ongoing enquiries. The results are on the way globally but will be a few weeks more.

QUESTION: What have you learnt from COVID-19?

There have seen more industry wide enquiries, particularly from regulators and clients who want to know what they have in place and how they are mitigating risk.

They are asking about their contingency planning and the firm needs to have clear, timely responses to those questions. In particular, when so many people are working from home, there is a lot of attention on how the firm manages cyber risk when people are trying to hack into their systems.

Similarly, regulators in India, Singapore and Hong Kong want to know how the firm is managing their balance sheet.

Lessons learnt will be clearer when they have completed their internal review.


Would you like to download the complete Risk Resiliency Whitepaper?

Download the paper now

Leathwaite recently executed a series of interviews with global heads of Risk to understand how organisations across all sectors have been implementing crisis plans.

Since lockdown began, organisations across all sectors have been implementing crisis plans. We were keen to understand what financial services firms globally had put in place over the last year; since regulators, particularly in the UK, began to make stipulations around process mapping, understanding of impact tolerances and running increased scenario testing.

Contact us!

Click on the button below to contact your local Leathwaite office to discuss your executive search or senior leadership requirements: 

Click here to contact Leathwaite