Skip to content

Target Operating Model - Achieving long-term Operational Resilience

Operational resilience is a high priority for the PRA and FCA and the regulations will have a significant impact on financial services firms’ future operating models.

Firms are required to achieve a robust and operationally resilient organisational model, which requires appropriate investment and a significant and coordinated range of activities linked to risk, regulatory and strategic drivers.

It also requires developing and embedding a set of capabilities that can keep the delivery of operational resilience alive on an ongoing basis. The operating model should enable a firm to prioritise the things that matter most. Like, prioritising those activities that, if disrupted, would be detrimental to customers, market integrity or otherwise pose a risk to the stability of the financial sector or the firm’s safety and soundness. Firms should embed ongoing resilience procedures to monitor the resilience profile. This includes incident management procedures, communication plans and training.

The macro actions that firms should apply can be grouped as follows:

  • Constitute operational resilience planning
  • Achieve transformation safely
  • Maintain resilience in the future
  • Gain oversight through robust governance and enhanced risk management

But, what can firms do to ensure long-term operational resilience and harness the benefits?

Firstly, they shouldn`t focus solely on regulatory compliance. The main drivers for successfully embedding operational resilience are to establish a resilience-centric culture that provides both customer and business benefits.

At a minimum, firms should have a clear purpose, strong leadership, and logical policies & procedures, all underpinned by effective governance.

It should be acknowledged that a mentality of ‘just’ having to meet the requirements will not lead to long-lasting and sustainable operational resilience.

Simply implementing the letter of the law, rather than the spirit of the law, will likely result in duplicated effort in the short term and having to rework in the long term. Only firms that adopt a more strategic approach to operational resilience will realise multiple additional benefits in the long run.

To ensure effective long term operational resilience it is necessary to build an approach and methodology based on:

  • Alignment with existing operational risk, business continuity and organisational models to reduce inefficiencies and unnecessary additions to the cost base
  • Improved visibility and MI over the performance of key important business services and the resources required to deliver these, resulting in a more reliable level of service delivery to clients
  • Better oversight and control over outsourced business activities
  • A better understanding of vulnerabilities and improved ability to prioritise and target investment accordingly.

To achieve an ideal operational resilience scenario, financial services firms need to develop an enterprise-wide framework that allows them to respond flexibly to unexpected disruption.

It requires firms to analyse four important organisational components:

  1. Framework – design how to operationalise the subject matter within the framework through the annual calendar
  2. Structure - understand the vital structures required to effectively govern operational resilience, including committees, reporting lines, mandates and capability
  3. Roles & Responsibilities – comprehend and state the role of the board vs senior management, the role of the 3LOD and the resilience team
  4. Enablement - Understand the policies, procedures and processes including MI reporting flow, to enable operational resilience governance

Based on the above, the main steps to consider when creating an adequate Target Operating Model(TOM) are:

  1. Understanding the business - The organisation’s operations, its vulnerabilities, the existing functions, the operational continuity. Also, perform the maturity assessment for identifying existing weak points and gaps compared to the regulations on operational resilience.
  2. Defining the firm-specific TOM - Based on the results of the maturity assessment,  a target model must be derived that fits the needs and nature of the firm.
  3. Set up a strategic work programme - For the implementation of the target model, firms should build future-proof solutions leveraging existing synergies to avoid unnecessary costs. Firms should also design a forward-looking multi-year project plan, aligned with existing transformation efforts and considering strategic business directions.

To conclude, let`s remind ourselves that the core purpose of regulators is to make progress in the financial services sector, such that firms can provide financial goods and services to people and corporations using an approach that is effective, sound, and resilient.

If done badly, operational resilience is just another administrative layer adding complexity on top of existing operational risk, business continuity and crisis management practices.

While, if done well, operational resilience can drive efficiencies, deliver better performance, and improve customer outcomes.

Firms that approach operational resilience with the intention of satisfying regulatory requirements alone are missing a trick. Rather than trying to purely meet all regulatory requirements, firms should establish an effective Operational Resilience Target Operating Model and build for the long term.

Operational Resilience is not just another review, another dashboard, another governance forum, and should not be another layer of complexity.

Fourthline is supporting several Financial Services firms in creating their tailored Target Operating Models.

To download our Target Operating Model service deck and to find out more about how we can help your firm, click here>

 

How FourthLine can help:

FourthLine is working with a number of financial service firms to help them with Operational Resilience enablement and Outsourcing and 3rd-Party Risk Management, through a mixture of end-to-end consulting and resourcing options.

March 1, 2022
Stefania Saccomanni
Stefania is the Marketing & Sales Business Manager at FourthLine. She provides a pivotal link between the business and Fourthline customers, delivering communication and presentations, contributing to drive business growth by creating engaging written and visual content.
Contact Us

Company Number: 6952875

VAT Number: 981375491

Privacy Policy

Complaints Procedure

Code of Conduct

CONNECT WITH US

Stay up to date with industry news, risk and resilience events and webinars.

Copyright © 2022, FourthLine. All Rights Reserved.