Operational Resilience: Challenges and Trends across APAC
Detailed Agenda
- What have the other region’s regulators put in place to date?
- How have some of the APAC regulators chosen to address the topic?
- How APAC Banks & Asset Managers are currently addressing the requirements
-
- Country-by-country/regional/global approach?
- Establish a project, or implement as part of BAU?
- Engage an external Consultant?
- Functional ownership?
- Establish a dedicated business-wide Ops Resilience function, with the relevant functions reporting in to, or have an overarching framework & ongoing oversight over all the relevant functions?
- Relevant functions being: Compliance, Risk, Business Continuity, Information Security, Supplier Mgmt.
-
- What are the common themes if choosing to satisfy requirements at a regional/global level?
-
- Pretty much all regulations are “principles based”, which means it’s ultimately up to you how you want to interpret and comply with the regulations within your business, and then the regulators will decide later whether you’ve complied.
- Implementation exercise:
-
- Identify “critical” operations (people/processes/systems/Suppliers)
- Mapping interconnections and interdependencies
- Set impact tolerances
- Perform scenario testing
- Implement initial improvements
- Implement ongoing governance oversight framework
-
- Governance framework.
- Operational risk mgmt.
- Business Continuity planning & testing.
- Supplier dependency mgmt.
- Incident mgmt.
- Information and communications technology, including information security.
-
- What the optimal approach might me
-
- All approaches can work, and not work – depends how well you execute on the chosen approach.
- Depends on your regional/global coverage.
- Depends on your ability to allocate a single owner.
- Depends on the current state of your Compliance/Risk/Business Continuity/Supplier Mgmt/Information Security functions.
-
