A guide to building business resilience in the financial services sector
Chris Huggett, Senior Vice President, Europe & India of business risk and resilience specialist Sungard AS, provides an overview of the four core imperatives which are outlined in the FCA’s recent report on building operational resilience in the financial services sector, which was published in December 2019.
Thanks to the UK’s new Open Banking initiative, the scale of IT problems within the financial services sector has been made public, with the BBC reporting major banks typically suffering well over one outage per month. With this in mind, the Financial Conduct Authority (FCA) published an updated discussion paper at the end of 2019, detailing new requirements to help strengthen operational resilience in the sector. The document encourages firms to consider the impact of disruption which can come in many forms (i.e. technology failures, cyber-related and other operational incidents) and the impact it has on the people and businesses (and financial markets) that rely on the products and business services. The four core imperatives from the report centre on: visibility, thresholds, testing and third-party management.
The report stipulates that firms need to identify and document the people, processes, technology, facilities and information that support their important business services (this is also known as mapping). By looking at systems and processes based on the business services they support, firms can bring more transparency to and improve the quality of decision making, thereby improving resilience.
The term ‘business service’ here refers to something that, if disrupted, would be most likely to cause intolerable levels of harm, for example:
The firm’s consumer base – including vulnerable consumers who are more susceptible to harm from a disruption
To the firm itself – through reputational damage, legal or regulatory censure or a loss of the firm’s financial position
To the UK financial system – i.e. knock-on effects for other market participants or industries crucial to UK infrastructure (such as government services or pension funds)
The FCA report also advises that organisations in the financial services sector must set ‘impact tolerances’ for each important business service; in other words, thresholds for the maximum level of disruption tolerable before consumer protection and market integrity is compromised.
Impact tolerance is expressed through specific outcomes and metrics, and should always include the maximum length of time that a disruption can continue. It can also comprise other considerations, such as the volume of disruption, i.e. the number and types of consumers affected or a measure of data which has been breached, stolen or lost. Another tip for firms setting impact tolerances is to consider different times of the day, different points in the year, or broader factors which may lead to activity within the important business services significantly increasing.
Once this has been set, organisations can set about finding ways of expanding their impact tolerance – for example, hosting private datacentres within co-located facilities or arranging for workplace recovery solutions.
Given the huge importance attributed to the ability to view and access funds by both business and consumers, the report states that firms must regularly simulate a range of severe but plausible disruption scenarios and conduct lessons-learned exercises to invest in their ability to respond to real-life disruptions. This shouldn’t only focus on preventing incidents from occurring or the probability of the incident taking place, but the response and recovery actions firms would take to protect the continuity of operations.
Scenarios can be based on anything from the loss or reduced provision of technology to the unavailability of facilities, key stakeholders or third-party services. An effective method of conducting tests is to base scenarios on previous incidents or near misses from across the financial sector and in other sectors and jurisdictions. Firms could also consider horizon risks, such as evolving cyber threats, technological developments and business model changes. An example of this can be seen in The Bank of England’s recent announcement of its plans to perform climate change-related stress tests on the UK’s top banks and insurers, to assess how firms would deal with more frequent weather events and mass sell-offs of “brown assets” – those considered detrimental to the environment.
Technology is driving huge change in the operational landscape of the financial services industry. This is perhaps best reflected in the rise of cloud-native challenger banks, that are quickly setting the agenda in terms of enterprise agility and customer experience, effectively redefining how firms in the sector compete and grow. However, the rapid adoption of new and revolutionary technologies like cloud computing have also caused the risk landscape in the financial services sector to expand at an unprecedented rate. Firms now not only have to be aware of the resilience of their own systems, but also must be able to trust in the resilience of third-party providers of the new technologies upon which their business runs.
Firms must take the due diligence to ensure the third parties they use to connect with their customers adhere to similar standards as they do. For example, third-party providers may exist outside of a firm’s regulatory perimeter or in multiple jurisdictions with different, or lower quality, resilience requirements. Firms should therefore thoroughly investigate how third-party relationships could undermine their ability to absorb disruption, asking questions such as: which legal jurisdiction is the provider subject to? What are the physical security characteristics offered by the provider (i.e. physical controls in the data centre or staff vetting)? Are there suitable arrangements for dispute resolution?
With the right backup and cloud storage provider effectively acting as a first line of defence against both expected and purely circumstantial disruption, businesses will be able to establish an infrastructure built with resilience and prepared for every eventuality.
In increasingly complex and fast changing business environments, organisations must be able to prevent, adapt, respond, recover and learn from disruptive operational incidents. The financial services sector must be aware not only of the threats to disruption which come from within and outside, but also the ability to tolerate scenarios. Nowhere is this more important than the financial services industry, where the consequences of disruption have the potential to cause severe knock-on effects to the functioning of the UK economy as a whole.
About Chris Huggett
Chris Huggett is the Senior Vice President, Europe & India at Sungard Availability Services and has over 20 years of experience working with leading technology firms including HP, Vodafone and Dell in providing critical production and recovery services to enterprise-level organisations.
About Sungard AS
Leaning on over 40 years of experience, Sungard Availability Services (Sungard AS) is an industry leader in the fields of Disaster Recovery and Business Continuity (DR/BC). From ultra-resilient cloud and data centre facilities, to workplace recovery solutions and consultancy services in business resilience, Sungard AS is a key partner for organisations in mitigating risk and ensuring the continuity of operations. Its experts specialise in streamlining and managing complexity, minimising risk and adapting to change, helping to capitalise on the opportunities that digital transformation offers.
FIVE things fintechs must do to keep investors onboard
New investors flocked to the stock market during the COVID-19 pandemic. Thirty-eight percent of investors said they had never had a brokerage or similar account before opening one in 2020.
Low or no-fee trading options have helped accelerate the trend – nearly half of new investors said they accessed their account primarily through a mobile app. As FinTechs, how do we create the trust needed to keep new investors in the market and create a fruitful customer experience for them?
The financial industry does a disservice to individual investors if we merely offer tools that focus on making money quickly, an approach that usually backfires. Instead, the surge of interest presents an enormous opportunity for those who want to help more consumers use financial technology to educate them on responsible spending, saving, and investing in order to achieve financial wellness current fintech tools have welcomed individual investors in the door.
Now, it’s time to focus on education and improving their experience going forward. There are several ways those of us in fintech can step up to shape the future of retail investing so that it works better for everyone, starting with the following areas.
Equal access to financial wellness education
Financial health should be available to everyone — but today, not everyone has the educational resources to achieve it. One study shows that only 3.9% of students from low-income schools were required to take a personal finance class. What they aren’t learning in school or from family members, fintech companies can provide on their platforms.
The companies should move from solely offering financial services to a more responsible model of education, advice, and prescriptive choices to help consumers develop better habits and make wiser financial decisions. Not only can they empower consumers and bridge historical wealth divides, but they can also stimulate growth by opening up new consumer segments.
Just as we’ve come to expect that our fitness routines are tailored to our individual bodies, we’re also ready for finance tools that go beyond one-size-fits-all solutions. But only six percent of financial institutions say they’re using the kind of technology that allows them to deliver a deeply personalized experience. Fintech tools need to reflect that financial success looks different for each of us.
For one consumer, it may mean providing guidance on how to pay off student loans early; for another, it may mean prescriptive actions that enable them to stick to a budget for the first time; for a third, it could look like prioritizing environmental, social and governance (ESG) investments, so that her portfolio aligns with her political beliefs.
Now, we are seeing financial technology beginning to meet the demands of personalized finance in a substantial and meaningful way.
The rise of AI-Powered Advice
Big-picture advice and predictive guidance used to be a feature of high-end financial advisory firms — a perk only available to those who could afford it. But thanks to rapid advancements in data analytics and artificial intelligence (AI), that kind of holistic advice is now more accessible than ever. AI-driven robo-advisors can parse many different streams of financial information, delivering customized answers to key questions: Is it time to buy a home, or is it smarter to keep renting? Can I afford to take out another student loan?
Intelligent connectivity powered by AI can anticipate consumers’ needs and next steps, making proactive suggestions that guide them along the path to financial wellbeing. Fintech companies can also help consumers identify when their financial picture becomes too complex for a robo-advisor, and help them find a human financial advisor to meet their needs.
Focus on financial mental health
New investors are quickly finding that the market can be overwhelming. That’s not surprising, financial anxiety is common and studies show that financial stress can have an impact on mental health for some.
It’s not enough for fintech companies to give retail investors access; they also must provide the guidance and support that help consumers manage their financial well-being. Educational tools can ensure that consumers are well informed about their options.
Predictive analytics can anticipate consumers’ questions, serving them key information and insights before they ask. Features that emphasize a comprehensive notion of financial well-being, rather than short-term wins and losses, can also help ensure that consumers are keeping their eyes on the bigger picture.
Gamification for good
The surge of gamification apps has done an impressive job making investing as engaging as playing a video game or joining a social media platform.
Much of the current use of gamification emphasizes short-term thinking, but there’s also an opportunity to help consumers think more broadly about their overall financial picture. One example is peer benchmarking, a feature that enables help consumers to see how their financial habits compare to those of friends and fellow consumers.
Gamification can also be used to incentivize making smaller, smarter choices — for example, rewarding saving over making an impulse buy.
The future of fintech is about more than just broadening access to the markets. It’s about making sure more individuals have access to the tools that can help improve their financial well-being—in the ways that suit their own circumstances and needs. The potential to act within their own set of individual priorities, with their long-term financial wellness in mind is much more empowering to a consumer than simply relying on short-term, high-risk investments.