Operational Resilience
Tuesday 4 October 2022, 09:00 to 10:00 GMT +1
Location: Global
The financial services sector has gone digital. The technology that firms rely on brings benefits but also introduces new risks when firm’s operations are disrupted. To address this, the EU is expected to finalise a digital operational resilience act in the coming weeks.
Known as DORA, the new regulation will require practically all financial entities in the EU to apply uniform standards for managing ICT risks. Join our webinar to hear our panel of experts discuss what DORA does, what happens next and experiences of implementing the equivalent UK requirements.
15 March 2022
The Cyber Incident Reporting for Critical Infrastructure Act has been unanimously approved by the U.S. Senate. This requires critical infrastructure entities and federal agencies to report significant cyber incidents within 72 hours of the incident and within 24 hours if a ransomware payment was made.
25 February 2022
In the past few weeks, governments around the world, including the UK, US, Australia and New Zealand, have issued warnings that Russia’s invasion of Ukraine could lead to intentional or spillover cybersecurity attacks on organizations outside the region. It Is clear from our conversations with third parties and our threat intelligence partners that there is without a doubt increased malware activity, as well as scans targeting corporations.
26 January 2022
Russia’s crackdown on hacker group, REvil, is a good sign but days later Ukrainian government sites were taken down, allegedly by Russian hackers. The link between cybersecurity and US national interest has not escaped the SEC who are expected to continue to take a tough stance on cybersecurity.
25 November 2021
The Telecommunications (Security) Act 2021 is likely to impose some of the world’s toughest cyber security obligations. We consider the reasons for this step change and the practical compliance challenges.
23 November 2021
In our eighth webinar of the Global Business Crime Outlook Series, we will be discussing a range of topics including compliance, litigation and arbitration in the event of a cyber-attack with a particular focus on Latin America.
7 October 2021
Using artificial intelligence in the financial sector requires careful consideration of the regulatory framework. For example, UK firms deploying AI must take into account not only high-level principles, activity-specific rules and their reliance on third parties, but also how the novel features of AI models interact with individual accountability requirements.
2 September 2021
The SEC is done playing around. This summer it has demonstrated its resolve bringing actions against public companies for alleged poor disclosures, and against SEC registrants for alleged poor cybersecurity controls.
22 July 2021
The New York Department of Financial Services has joined the fight against ransomware issuing guidance to assist companies prepare and respond to ransomware. We consider the lawyer’s role in responding to this guidance.
24 June 2021
UK challenger banks, e-money firms and payment institutions are among those who need to be ready by 31 March 2022.
28 June 2021
Our global cybersecurity team shares 5 key steps you can take today to improve your organization's cybersecurity.
20 April 2021
The UK financial services regulators have put the final touches to their new set of rules on operational resilience. Firms have been given one year to get ready before the regime starts to apply.
29 March 2021
Nearly three years in the making, the FCA, PRA and Bank of England have finalised their proposed rules on operational resilience. The first key deadline for compliance is 31 March 2022.
25 March 2021
In this speech at the OpRisk Global conference, Julia Dixon and Pansy Wong share their insights on how financial institutions can set themselves up for success when implementing their Operational Resilience Programs.
19 March 2021
Nothing causes as much despair in the world of IT as an “upgrade” that goes wrong. For a financial services firm, a failed IT upgrade can cause severe disruption to customers and so the UK Financial Conduct Authority (FCA) has recently looked at how financial services firms update their technology. Its findings are a prelude to incoming rules on operational resilience.
18 March 2021
As technology entrenches itself in financial services, policymakers are looking more closely at the sector’s exposure to the risks of digitalisation. In this briefing we summarise the European Commission’s proposals for a Digital Operational Resilience Act, known as DORA, which would apply to not only EU financial entities but also some technology service providers.
18 March 2021
The incoming UK operational resilience regime represents a major exercise in regulatory change management. This one-pager provides a high level overview of the main rules, key defined terms and upcoming dates.
10 March 2021
The UK regulators are preparing to require firms to embed an operational resilience framework within BAU operations by 2024. The three-year transition hints at the significant design and implementation work that will need to be completed. This regulatory change, which comes hot on the heels of recent high-profile disruption in financial services and the Covid-19 pandemic, makes operational resilience the perfect case study when it comes to considering effective Board oversight and governance.
9 February 2021
The FCA is due to finalise new requirements on operational resilience which will impact a broad range of UK financial institutions. Before then, it has released its findings from a review on how financial firms manage, or in some cases fail to manage, IT upgrades and other technology changes. In this summary we highlight some of the FCA’s findings and suggest lessons for firms to build into their operational resilience planning
6 October 2020
The Commission’s draft Digital Operational Resilience Act puts forward new regimes for both financial entities and certain technology providers.
6 July 2020
Partners Julian Cunningham-Day, Julia Dixon and Georgina Kon share their top tips for building a successful operational resilience programme.
26 May 2020
In this recording of an AIMA Virtual Event on 22 May 2020, Financial Regulation Partner, Julia Dixon and Financial Regulation Counsel, Raza Naeem consider the key issues currently facing teams working in the Second and Third Lines of Defence and look ahead at what’s to come, discussing how the lessons that firms are learning as they work through this pandemic can be applied and put to good use going forward.
10 December 2019
UK regulators have now finally published proposals for new rules and guidance on operational resilience – a concept which is now part and parcel of crisis planning for financial firms. For regulated firms, these may become rules; for others, they may become a new benchmark of good practice.
9 December 2019
The financial services sector has often led the way in shaping thinking about how to manage risk. Its latest focus, thanks to the Financial Conduct Authority, Prudential Regulation Authority and Bank of England, is something called “operational resilience”.
31 October 2019
A parliamentary inquiry concludes that the current level and frequency of disruption in financial services is unacceptable and makes series of recommendations for regulators.
Our new FRG blog where you will find insights, commentary and news on recent developments in financial regulation from our dedicated financial regulatory lawyers in London.