The latest resilience news from around the world

Financial firms need to focus on improving resilience says Central Bank of Ireland

The Central Bank of Ireland (Banc Ceannais na h√Čireann) has told financial firms that they need to improve their approach to resilience and to managing IT risks. In a speech entitled ‘The need for resilience in the face of disruption: Regulatory expectations in the digital world’ at the Financial Centres Summit in Dublin, Deputy Governor Ed Sibley spoke about the need for financial firms to build resilience into their systems to meet the challenges that technological innovation and competition pose. He outlined the Central Bank’s expectations in relation to the management of IT risk and the findings of its recent onsite work.

In his comments, Mr. Sibley warned about the risks of inadequate oversight of outsourcing and highlighted the importance of building resilience in the context of cybersecurity risks.

He noted that since 2015, the Central Bank has had a dedicated team of onsite inspectors, focused on analysing financial firms’ IT infrastructure, policies and governance. He stated:

“We have seen a lot of progress in the area of IT risk management and resilience, but there is huge amount of work still to be done.”

Mr. Sibley noted that almost three quarters of findings from on-site inspections relate to weaknesses in four key areas: IT risk management, IT security, IT outsourcing, and IT continuity management.

He raised concerns “about the many findings in our work that relate to the failings of boards and senior management to understand and appreciate the significance of the IT and operational risks their firms face.” He noted that “Senior management and boards of financial services firms need to own these critical risks and build resilience in their firms to be able to endure and survive operational or technology-related shocks.”

Mr. Sibley concluded by saying that, given the potential catastrophic consequences for firms and their customers, it should not take the regulator to have to tell firms what they need to do to build resilience. The size and nature of the risk should itself be enough.  

“While looking at the opportunities for the future, many firms also need to continue to invest to get the basics right. Significant improvements are required across the system to manage the incumbent and growing technology risks within it,” warned Mr. Sibley.



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.