Other parts of this series:
Enterprise resilience incorporates the principles of operational resilience and scales them across the entire organization. In my previous blog post, I introduced operational resilience and why it’s so important to financial services firms. Here, I’ll expand on a framework for making the entire enterprise resilient amidst increasing regulatory, market and cyber threat challenges.
Financial services institutions carry significant responsibility for protecting customers, shareholders and the economy. The Financial Conduct Authority reported a 480% increase in data breaches at UK financial services firms in 2018 alone. The number of threats should likely increase and become more sophisticated as technology evolves and more services are digitized.
Building a resilient enterprise is essential to maintaining consumer trust and avoiding harmful consequences. It involves integrating resilience across governance, change management, business services, information security and disaster recovery. Training and clear communication about policies and roles are essential to mitigating risk and maintaining resilience.
Building a framework for enterprise resilience
A framework for enterprise resilience can help firms establish robust business services and build trust with consumers and regulators. At Accenture, we’ve identified 10 essential elements that should be included in this framework:
- Reporting. Identify and report key performance and risk indicators that inform risk decisions.
- Testing. Conduct regular testing and audits to assess resilience levels.
- Technology. Keep technology assets up to date and patched appropriately, which may involve resolving technical debt.
- Tolerance. Review impact tolerances regularly to stay on top of changing customer expectations, business strategies, technology and regulations.
- Third parties. Consider the larger ecosystem of third parties, as resilience should extend to all parties a firm interacts with (and parties a firm’s vendors, alliances and partners interact with as well).
- Change programs. Meet resilience criteria prior to launching change programs.
- Communication. Create living internal and external communication plans that evolve with a firm’s continuous resilience journey.
- Disaster recovery. Build a plan that involves not only resolving operational disruption but also effective crisis management.
- Cultural change. Advocacy from within is critical. Make sure employees understand both the framework and the role they play in maintaining continuity across the enterprise.
- Ownership. Assign responsibility and accountability for key elements.
Enterprise resilience is a never-ending process
Building enterprise resilience is a continuous process of discovery, assessment, remediation and testing that drives significant change across the organization on an ongoing basis. Common roadblocks firms may experience include:
- Resistance to cultural change and conflicting priorities.
- Limitations on the investment required to achieve operational resilience.
- Complex legacy systems that can be difficult and expensive to maintain and upgrade.
Committing to the enterprise resilience framework and fostering an engaged workforce culture that prioritizes operational resilience is crucial.
In an increasingly digital world where financial services institutions perform such an important economic role, it’s clear that operational and enterprise resiliency are strategic imperatives. If firms aim to keep up with rising customer demands and maintain trust while also protecting their businesses and complying with evolving regulations, they should prioritize resiliency. Failing to do so could have significant impacts on their financial well-being and the larger economy.
Get more details in our report on operational resilience or contact me if you have feedback or questions about building a resilient enterprise.