Bank of England releases results from financial sector resilience exercise
- Published: Tuesday, 01 October 2019 07:44
The Bank of England has published the high level findings of the financial sector cyber simulation exercise that took place last year.
The exercise, which took place on 9th November 2018 and was commissioned by the Cross Market Operational Resilience Group jointly chaired by the Bank and UK Finance, explored the sector’s resilience to a major cyber incident impacting the UK. The report says that the exercise demonstrated that recommendations from the last sector exercise have been implemented and identified further opportunities for improvement. The exercise also successfully rehearsed the Cross Market Business Continuity Group, an executive level group chaired by the Bank to enable financial authorities (Bank of England, PRA, FCA and HMT) to interact with the financial sector during times of major operational disruption.
Alongside the financial authorities, participants included 29 of the most systemically important firms and Financial Market Infrastructures. Participants responded to a severe but plausible cyber-attack scenario targeting the sector.
The report says that the exercise found:
- Opportunities to improve the way firms coordinate at an operational level during incidents that impact the sector;
- Disparity in risk tolerance for suspending services could impact the functioning of the financial sector;
- Recovery of services is impacted by differences in the way data is stored across the financial sector; and
- Effective and consistent communications are key to maintaining customer and market confidence.
Specific recommendations linked to the 2018 exercise key themes will be taken forward by the participants and authorities.
Sam Woods, the Deputy Governor for the Prudential Regulation Authority said: “Exercising continues to form a very important part of our resilience strategy, which aims to ensure that we are prepared and can respond effectively to a major operational disruption such as a cyber-attack. The 2018 exercise contributed to this and we will maintain our exercise regime going forward.”
Source: Bank of England