Another hugely successful and well attended IRLA briefing event, saw our members able to get a solid insight into the expectations of the PRA when it comes to Operational Resilience.
In just over a year’s time, UK (re)insurers are required to have:
- completed their operational resilience mapping and testing; and
- consequently, implemented any operational changes that they require to remain within their board set impact tolerances in the event of disruption.
It is readily acknowledged that our market is one which has inherited a confusing mix of legacy systems and data silos.
Tom Alcock explains: "With cyber incidents becoming increasingly ingenious and consumer duty now a key priority, the boards of our UK (re)insurer members need to be aware of their responsibilities and the expectations of the PRA for operational resilience & cyber security.
However, it is not only a question of knowing and understanding those responsibilities and expectations; crucial is the reality of how to balance them with our members’ business goals and resources."
As part of our busy 2024 schedule of events, IRLA arranged for Santosh Pandit, Senior Manager Insurance Risk Specialist at the PRA, to provide guidance and recommendations on how best to proceed during the next year and beyond.
Tom adds: "It was a fantastic event with Santosh leading the discussion.
"As the Chatham House Rule applied, we cannot transcribe what was said, however, what we can say is that the two-hour interactive session covered some really key opportunities to learn and understand, including:
- the importance of setting the correct impact tolerances;
- the expected breadth and focus of mapping;
- a systematic and pragmatic approach to testing;
- how to assess the operational resilience of third-party service providers; and
- frequent cyber weak spots to watch out for.
"I'd highly recommend that people consider joining such important briefings in the future."
This was one of our frequent interactions with Regulators, and if you would like to join us at our future regulatory events or contribute to the IRLA regulatory think tank, please do get in touch.