Summary - Basel Committee’s Principles for Operational Resilience
Boosting operational resilience has become a priority for global banking regulators. This was underlined by the Basel Committee on Banking Supervision (BCBS) releasing its high-level Principles for Operational Resilience in March 2021.
The principles aim to ensure banks can adapt to disruptions and provide vital services through crises. They complement detailed resilience standards already implemented in jurisdictions like the UK, EU and US.
Recognizing growing technology, cyber and third-party risks, the principles stress firms must identify their most critical services and manage risk holistically across banking groups. Boards and senior management are responsible for resilience programs.
The 10 foundational principles center on:
Governance - Clear frameworks with senior accountability for overseeing resilience.
Operational risk and control culture - Encouraging timely risk identification and escalation.
Operational risk management - Comprehensive processes for identification, monitoring, mitigation and reporting.
Business continuity and recovery planning - Maintaining services during disruptions and rapid resumption if suspended.
Third-party dependencies - Oversight of outsourcing arrangements and concentration risk.
Incident management - Response plans to adapt to unfolding situations and minimize impact.
Cyber resilience - Robust security controls and response calibrated to evolving threats.
Internal and external interdependencies - Coordinating resilience across banking operations and external infrastructure.
Dynamic resilience - Proactive anticipation of emerging risks and agile responses.
Transparency - Clear and timely internal and external communication and reporting.
The principles will enable jurisdictions to close gaps in national regulations regarding operational resilience. Their non-prescriptive nature provides high-level guardrails while allowing customization.
Overall, the BCBS principles reaffirm that operational resilience is both a regulatory priority and competitive necessity for global banking in the 21st century. Their focus on risk-based preparation, coordinated responses and continuous learning will spur banks to invest further in capabilities to meet rising challenges.
DecideWright is a UK-based consultancy that delivers solutions in the areas of Strategy Execution and Enterprise Performance Management, Enterprise and Operational Risk Management, Operational Resilience including DORA and Measurement & Metrics, including KPIs & OKRs.
Contact us to see if we are the right firm for your project.