The FCA, Prudential Regulation Authority and the Bank of England have jointly published plans to develop new requirements for regulated firms to ‘strengthen’ operational resilience in the financial services sector.

The three regulators are concerned about how firms behave in the event of business disruption and how they deal with clients when this happens.

The three organisations have issued a shared policy summary and co-ordinated consultation papers (CPs) on the new requirements with CP19/32 one of the key new  documents.

Under the proposals, firms and FMIs (Financial Market Infrastructures) would be expected to:

• Identify their important business services that, if disrupted, could cause harm to consumers or market integrity, threaten the viability of firms or cause instability in the financial system
• Set impact tolerances for each important business service, which would quantify the maximum level of disruption they would tolerate
• Identify and document the people, processes, technology, facilities and information that support their important business services
• Take actions to be able to remain within their impact tolerances through a range of severe but plausible disruption scenarios

The FCA says that building the operational resilience of firms and Financial Market Infrastructures (FMIs) is a “shared priority” for the three supervisory authorities.

The co-ordinated CPs including CP19/32: Building operational resilience: impact tolerances for important business services build on concepts set out in the operational resilience Discussion Paper published by the authorities last year.

The FCA says that if disruption occurs firms are expected to communicate clearly, for example providing customers with advice about alternative means of accessing  services.

Andrew Bailey, FCA chief executive, said: “It is in the public interest that a resilient financial system is able to supply the most important services with minimal interruption even during severe operational events.

“The proposed new requirements are aimed at achieving this outcome.

“Disruptive events can have a high impact on consumers and businesses so firms and FMIs need to know where the risks to their service delivery lie and to make sure that they are prepared for any service disruption by testing their planned response.”

Sam Woods, CEO of the PRA and Deputy Governor for Prudential Regulation, said: “Operational resilience is a vital part of firms’ safety and soundness, and has become an important priority for the PRA.

“This consultation marks the next stage of integrating operational resilience into our regulatory framework. Alongside this, our proposals on outsourcing and the cloud will steer firms to be resilient in their adoption of new technologies.”