Operational resilience is no longer optional. Writing in NLJ this week, Emma Radmore and Michael Lewis of Womble Bond Dickinson explain how UK regulators expect firms to identify ‘important business services’ that could cause ‘intolerable levels of harm’ if disrupted
Eight steps—from mapping vulnerabilities to board-approved self-assessment—must now be embedded and reviewed at least annually . The FCA has warned against narrow time-based impact tolerances and complacency about replaceable suppliers.
Firms must plan for ‘severe but plausible’ events, from cyber failure to pandemics. With AI and third-party risk adding complexity, resilience must be woven into enterprise-wide risk management—or face regulatory consequences.
Issue:
8149
/
Categories:
Legal News
,
Regulatory
,
Profession
,
Risk management
,
Financial services litigation
RELATED ARTICLES
