3 mins reading time
Silicon Valley Bank collapse: what lessons must be learned
At the end of March, Supervisory Statement 1/21, produced by the UK’s Prudential Regulation Authority (PRA), comes into effect. Banks that fall within the PRA’s jurisdiction have to be ready for it.
The paper imposes a deadline of March 31st 2022 – less than eight weeks away – for starting the implementation of the Operational Resilience Framework. To comply with the rules, firms are obliged to show their plans for meeting policy requirements to regulators.
Operational resilience is often taken to refer to the robustness of systems to external and internal pressures, but a key aspect of any firm’s operational resilience is the adequacy of its Risk Control Self Assessments (RCSAs). Good RCSAs should alert senior managers to the key risks across their firm, by region and by asset class, thereby enabling effective risk control mechanisms to be put in place, to galvanize overall business strategy. Unfortunately, RCSAs are very seldom efficient enough to achieve this outcome.
A revolution in philosophy and methodology is required if RCSAs are to do the job they were intended to do. Several key objectives should be kept in mind.
Only through the compilation and deployment of more thorough and more uniform data, harnessed to the most appropriate technology, will change in RCSA processes become possible. Today, RCSAs are generally executed manually and individually. For any progress to be made this must become as redundant as voice trading in mainstream FX.
The core of operational resilience is the RCSA. Today, RCSAs are not fit for purpose. A volte-face of philosophy and procedure is required.
Acin has a comprehensive, pre-built risk and control quick start library of inventories constructed through industry consultation and mapped to regulatory guidance, to provide immediate value and accelerate impact. Easily and proactively demonstrate to the regulator, auditors, investors, shareholders, and boards that you are managing climate risk – ahead of regulatory deadlines.