Bank of England Industry Operational & Cyber Resilience Report

Client Challenge

The Bank of England and the Financial Policy Committee (FPC) has for some time been focused on end-to-end Operational Resilience – this is not about being able to evidence the recovery of a system out-of-hours in a controlled DR / BCP test scenario.

This is about understanding the end-to-end value chain both within the regulated perimeter (banks, insurance companies, fund managers, exchanges, clearing houses etc.) and third-parties that sit outside this perimeter but provide and/or support critical services to these regulated entities.

It’s about understanding the complex inter-connected dependencies and potential impact to the real economy.  In this respect, Payments, Clearing, Settlement and Custody & Safekeeping functions are a significant area of interest given the systemic risk and potential impact.

What We Did

The Bank and the FPC have a detailed view of institutions that operate within the regulated perimeter.  TORI was engaged to analyse third-party vendors and service suppliers that are critical to the functioning of regulated firms.  As part of this analysis, TORI performed the following steps:

  • Documented the landscape of third-party suppliers that support Payments, Settlement, Clearing Custody & Safekeeping functions (PCSC)
  • Identified where there is concentration risk amongst third-party suppliers
  • Identified the dependencies at a process level between regulated PCSC functions and those unregulated third-parties
  • Provided a broad assessment of the cyber-resiliency across the third-party firms

Outcome & Results

  • One of the key aims of the analysis was to establish the relationship between regulated firms providing PCSC functions, and those unregulated third-party suppliers providing services to PCSC firms
  • We also highlighted maturity levels viz-a-viz Operational resilience and Cyber Security as well as setting out key considerations and industry Best Practice to underpin baseline analysis

Share on LinkedIn