Following the recent publication of the final rules on operational resilience by the Bank of England/PRA and the FCA, City and Financial Global is delighted to present “The 8th Operational Resilience and Cyber Security Summit”, which will take place virtually on 25 May. The objective of the conference is to assist financial institutions with implementing best practice operational resilience and cyber security measures that are consistent with the final rules.

We are delighted to announce that both the Bank of England and the FCA will be delivering keynote addresses at this year’s virtual summit.

On 29 March 2021, following on from their earlier consultation papers, the Bank of England/PRA and the FCA issued their final rules on operational resilience covering governance; operational risk management; business continuity planning; and the management of outsourced relationships (3rd parties). These rules will have a significant impact on how operational and cyber resilience is implemented by financial services firms and their suppliers.

By 31 March 2022, firms must have identified their important business services, set impact tolerances for the maximum tolerable disruption and carried out mapping and testing to prove their assumptions, as well as identified any vulnerabilities. By no later than 31 March 2025, firms should be able to prove through their mapping and testing that they are able to remain within impact tolerances for each important business service. They also need to have made the necessary investments to operate within their impact tolerances on a consistent basis.

Firms will need to continuously refine their crisis and incident management, business continuity and disaster recovery plans and improve and adapt them as necessary. They should also be in contact with their suppliers and establish if processes still work with much of the workforce remote-working and different countries going in and out of lock-down.

Cyber security is at the heart of operational resilience and exposure to cyber threats continues to be the greatest operational risk to firms. Cyber criminals have been quick to exploit the confusion caused by the Covid-19 crisis, demonstrating the need for enhanced cyber measures, as well as cross-border and intra-industry sharing of threat intelligence and incident reporting.

Through our exceptional panel of speakers and panellists you will learn about:

• UK regulatory objectives for operational and cyber resilience
• An overview of the new rules and requirements for financial services in view of the recent policy statement
• Governance and risk culture: the role of the board in strengthening operational resilience
• Regulatory resilience: maintaining regulatory compliance and flexibility to respond to evolving regulatory expectations
• How to build internal resilience through people management to sustain customers’ expectations and ensure business continuity
• Improving international collaboration on threat intelligence and incident reporting: key responses to cyber-security threats
• Board simulation of a cyber-attack on a major supplier to financial institution
• How understand emerging risks in the technology space and build a solid technology risk management framework within your organisation
• Outsourcing and pre-outsourcing: managing third- and fourth-party risk in the rapidly changing cyber threat landscape