Regulatory Wrap Episode #23: Mastering Operational Resilience and Cyber Compliance

In Regulatory Wrap for the week to March 15, Jennie Clarke covers cyber resilience and the regulatory activity taking place throughout the year to protect firms’ safety.

18 March 2024 2 mins read
by Kathryn Fallah

In Regulatory Wrap for the week to March 15, 2024:

In this Regulatory Wrap, we summarize the regulations that will be implemented this year targeting operational resilience and critical third parties, such as the U.K. government’s consultation on critical third parties, the Commodities Future Trading Commission’s (CFTC) requested commentary on similar points, the Digital Operational Resilience Act (DORA), and the Office of the Comptroller of the Currency’s (OCC) initiatives.

Highlights:

1. Guidance on operational resilience and critical third parties is an increasing effort for regulators as industry safety and market stability becomes more difficult to maintain

2. Commentary periods for multiple proposals put forward by the U.K. government and CFTC related to critical third parties are ending, and in addition, DORA will soon be applying to firms

3. Acting Comptroller Michael J. Hsu announced that the OCC is considering baseline operational requirements for large banks, particularly applying to third-party service providers

4. The OCC underscored that the areas firms should focus on to manage risk are good planning, prudent investment, well designed systems, and regular testing

5. As such, firms should ensure they’re selecting the most comprehensive and dependable third-party services to eliminate risks, uphold reputation, and prevent regulatory scrutiny

This Regulatory Wrap is brought to you by Global Relay’s Head of Content, Jennifer Clarke.

Operational resilience and critical third-party evaluation are indisputably essential in the current environment of complex cyber risks. When employing a provider like Global Relay, you can feel confident that your firm will be protected.