Context Of Business
Resilience
As global complexities increase, fostering resilience offers a pathway to sustainable development, ensuring entities can thrive amidst uncertainties and bounce back stronger from adversities.
Navigating Business Resilience in today`s World
In an era marked by Volatility, Uncertainty, Complexity, and Ambiguity (VUCA), and further compounded by Brittleness, Anxiety, Non-linearity, and Incomprehensibility (BANI), businesses face unprecedented challenges. The rapid pace of exponential change across technological, economic, and social landscapes demands a robust framework for business resilience. Organizations must adapt to these dynamic conditions, ensuring they can not only withstand shocks but also seize opportunities for innovation and growth in an ever-evolving global environment.
Why now?
Before the First Industrial Revolution, which began in the late 18th century, the success of businesses was predominantly determined by quality and standardization. In this era, craftsmanship and artisanal skills were at the heart of production, with trades and guilds often acting as the bearers of quality standards. Methodologies for ensuring quality and standardization were less about formal processes and more about the mastery of skills, apprenticeship models, and guild regulations. These systems ensured that products met certain standards of quality, and artisans took pride in their work’s reputation for excellence. Examples include the hallmarking of silver, which served as a mark of purity and quality, and the apprenticeship system that ensured skills and knowledge were passed down and maintained to a standard.
With the onset of the First Industrial Revolution (circa 1760 to 1840), the focus began to shift. While quality remained important, the burgeoning industrial landscape brought efficiency to the forefront. The introduction of machinery, factories, and the division of labor underpinned this shift, with the goal of reducing marginal costs and increasing production volumes. Innovations like the steam engine and mechanized manufacturing processes revolutionized production, making it possible to produce goods faster, cheaper, and on a scale previously unimaginable.
Moving forward to the Third Industrial Revolution, which began in the late 20th century, the landscape of business success factors evolved yet again. This era, characterized by the advent of digital technology and automation, saw quality and efficiency continue to evolve but also highlighted the growing importance of agility. The ability to adapt quickly to market changes became a critical competitive edge. As digital products and services could be developed and iterated rapidly, businesses needed to be agile to capitalize on emerging opportunities and respond to the fast-paced technological advancements. Agility allowed businesses to pivot quickly, innovate, and meet the changing needs and expectations of consumers in a digital age.
Today, in an era marked by frequent market disruptions and the prevalence of disruptive innovation, resilience has emerged as the paramount requirement for business success. The ability to not only withstand but also thrive in the face of adversity, disruptions, and rapid changes is what distinguishes truly successful businesses. Resilience encompasses the ability to recover from setbacks, adapt to new conditions, and continue to grow and innovate regardless of the challenges faced. In this context, resilience builds on the foundations of quality, efficiency, and agility, representing the culmination of centuries of evolving business success factors. Now, in a world where change is the only constant, resilience ensures businesses can navigate the complexities of the modern market and emerge stronger from the challenges they encounter.
Regulations
In today’s business landscape, resilience-related regulations are gaining prominence, especially in the financial sector, to safeguard against operational disruptions, including cyber threats and ICT failures. Among the most significant regulations are:
Global: The Basel Committee on Banking Supervision has unveiled Principles for Operational Resilience, underscoring the importance of robust outsourcing practices. This worldwide effort highlights the financial sector’s growing reliance on technology and seeks to strengthen the industry’s capability to manage disruptions.
Digital Operational Resilience Act (DORA) in the EU: The European Union has introduced the Digital Operational Resilience Act (DORA), targeting the management of ICT risks. DORA is a landmark EU regulation aimed at establishing a comprehensive ICT risk management framework for the financial sector, effective from January 2023. It mandates financial entities and their critical third-party technology service providers to implement technical standards in their ICT systems. DORA covers aspects like contract requirements with third-party ICT providers, standardizing the reporting of serious ICT incidents, and ensuring digital operational stability through regular testing and management of ICT third-party risks.
United States Operational Resilience by Federal Reserve: This focuses on enhancing the operational resilience of financial institutions, including their ability to recover from disruptions like cybersecurity incidents or natural disasters. It emphasizes the growing importance of technology-led business transformations and the actions required to strengthen operational resilience.
United States and Canada: In efforts to bolster operational resilience, both nations have introduced proposed changes focusing on cybersecurity risk management. These reforms underscore the essential nature of cyber resilience in maintaining operational continuity.
UK Operational Resilience: The UK has implemented new regulations to enforce operational resilience, mandating organizations to develop and test their resilience strategies by 2025, with a particular emphasis on critical third-party provisions. This initiative is designed to augment the financial sector’s resilience against various disruptions. The UK’s Financial Conduct Authority (FCA), Prudential Regulation Authority (PRA), and Bank of England have established comprehensive rules and guidance on operational resilience, highlighting its importance alongside financial resilience. These rules are a response to operational challenges highlighted by the global pandemic and require firms to identify their vulnerabilities and improve upon them, applying to a broad range of financial institutions.
Asia-Pacific (Hong Kong, Singapore, Australia): Regulatory authorities across Hong Kong, Singapore, and Australia have published guidelines aimed at improving operational and technological resilience. These include establishing new protocols for operational risk management and third-party outsourcing practices.
These regulations collectively underscore a shift towards a more integrated and proactive approach to managing operational and digital resilience. They reflect an understanding that resilience is not merely about recovery but also about learning, adapting, and improving in the face of disruptions. Financial institutions, therefore, must navigate these regulations with a strategic focus on enhancing their operational and digital resilience, preparing them to withstand and thrive amidst the myriad challenges of the modern financial landscape.