Skip to content

Menu

LexBlog, Inc. logo
CommunitySub-MenuPublishersChannelsProductsSub-MenuBlog ProBlog PlusBlog PremierMicrositeSyndication PortalsAboutContactResourcesSubscribeSupport
Join
Search
Close

Treasury Select Committee report on IT failures in the financial services sector

By Iona Wright (UK) & Luke Rodgers on October 29, 2019
Email this postTweet this postLike this postShare this post on LinkedIn

On 28 October 2019, the House of Commons Treasury Committee published a report on IT failures in the financial services sector. The report sets out a number of conclusions and recommendations following a series of written submissions from various stakeholders (see previous blog here). These recommendations include:

  • further regulatory intervention to improve the operational resilience of the financial services sector. The FCA and PRA must give as much prominence to regulating operational risk and resilience as they currently afford to regulating prudential and conduct risks;
  • financial services providers must treat their ability to manage and prevent incidents with a level of seriousness appropriate to the significant impact when incidents occur;
  • the regulators should conduct an exercise to assess the accuracy and consistency of incident reporting. The regulators should clarify standards, guidance and definitions for the industry on what incidents firms should record and report;
  • the regulators must use the enforcement tools at their disposal to hold individuals and firms to account for their role in IT failures and poor operational resilience. The regulatory mechanisms to ensure accountability for failures must have teeth, and equally as importantly, be seen to have teeth. The regulator should also consider the effectiveness of the senior managers regime (SMR) and assess whether there any barriers restraining them from enforcement against individuals;
  • the Government should expand the SMR to include financial market infrastructure firms supervised by the Bank of England to ensure that senior managers are held accountable for their management of operational incidents;
  • the regulators should increase financial sector levies to ensure they can hire much needed staff with expertise and experience in operational resilience;
  • there should be a focus on transitioning from legacy technology to newer technology. The regulators should have a strong framework to oversee firms’ assessments and challenge these where necessary, making use of their full range of tools to achieve this, including commissioning independent section 166 skilled person reviews; and
  • the cloud service provider market stood out as a source of concentration risk during the inquiry. The Government should urgently consider how best to regulate cloud service providers to ensure high standards of operational resilience.
Photo of Iona Wright (UK) Iona Wright (UK)
Read more about Iona Wright (UK)Email
Photo of Luke Rodgers Luke Rodgers
Email
  • Posted in:
    Financial, International
  • Blog:
    Financial services: Regulation tomorrow
  • Organization:
    Norton Rose Fulbright
  • Article: View Original Source
LexBlog, Inc. logo
Facebook LinkedIn Twitter RSS
Real Lawyers
99 Park Row
  • About LexBlog
  • Careers
  • Press
  • Contact LexBlog
  • Privacy Policy
  • Editorial Policy
  • Disclaimer
  • Terms of Service
  • RSS Terms of Service
  • Products
  • Blog Pro
  • Blog Plus
  • Blog Premier
  • Microsite
  • Syndication Portals
  • LexBlog Community
  • 1-800-913-0988
  • Submit a Request
  • Support Center
  • System Status
  • Resource Center

New to the Network

  • Boston ERISA & Insurance Litigation Blog
  • Stridon News and Insights
  • Taft Class Action & Consumer Insights
  • Labor and Employment Law Insights
  • Age of Disruption
Copyright © 2022, LexBlog, Inc. All Rights Reserved.
Law blog design & platform by LexBlog LexBlog Logo