The Financial Stability Institute has published its FSI brief, COVID-19 and operational resilience: addressing financial institutions’ operational challenges in a pandemic.
Financial institutions are dealing with two challenges in the face of the COVID-19 pandemic. The first of which is financial, in terms of addressing and mitigating the sharp drop in the value of financial assets or a loss of liquidity. The second of which is operational, in terms of addressing the risk of failure of resources; such as people, processes, technology, facilities and information; to deliver business service.
Guidance issued by financial sector authorities in response to the COVID-19 crisis seems to suggest that the international efforts to create operational resilience standards should consider the following elements:
- Essential employees: identifying critical functions and employees that support important business services and ensuring the safety of those employees and ensuring that they can resume their duties remotely.
- IT infrastructure: ensuring that IT infrastructure can support a sharp increase in usage over an extended period and taking steps to safeguard information security.
- Third-party services providers: ensuring that the external services providers and critical suppliers are taking adequate measures and are sufficiently prepared for a scenario in which they will be heavily relied upon
- Cyber resilience: remaining vigilant in identifying and protecting valuable systems and detecting responding to and recovering from cyber attacks.
Ensuring business continuity is key. Here are some recommendations relating to “preparing” and “responding” to the COVID-19 crisis and keeping business continuity:
- Ensuring customer and staff safety
- Reviewing the appropriateness of contingency plans to address a pandemic scenario
- Assessing telecommuting capabilities and increasing cyber resilience
- Identifying critical financial workers
- Coordinating with critical third-party service providers
- Maintaining a clear communication with internal and external parties