Banking Exchange Magazine Logo

OCC Seeks to Improve Operational Resilience

Michael Hsu says occurrence and impact of disruptions is on the rise

  • |
  • Written by  Banking Exchange staff
OCC Seeks to Improve Operational Resilience

The Office of the Comptroller of the Currency (OCC) is considering what changes must be implemented to strengthen the operational resilience of banking services and financial institutions.

Speaking at an international banking conference, acting comptroller of the currency Michael Hsu said the probability of disruptions occurring and potential impact of disruptions has increased.

Disruptions may result from external events, such as natural disasters, pandemics or global conflicts, or from weak internal systems, control, or risk management.

The regulator seeks to ensure critical operations and banking services can withstand or recover from these disruptive events, which requires planning, testing, investment, and well-designed systems.

Therefore, the OCC is now focusing on exploring baseline operational resilience for large banks with critical operations and third-party service providers, according to Hsu’s speech.

These baseline requirements could include establishing clear definitions for identifying critical activities and core business lines and defining tolerances for disruptions.

It could also include a framework to test resilience capabilities as well as address expectations for critical service providers, with emphasis on governance and risk management expectations.

According to Hsu, the OCC will also look at the work other jurisdictions have done to improve the operation resilience of their financial infrastructure to inform the regulator’s decisions.

The European Union introduced the Digital Operational Resilience Act, which provides clear expectations for information and communication technology at covered firms.

The UK and Japan have also proposed similar operational resilience rules that require firms to identify important business services, set impact tolerances and map processes.

The proposals also provide a framework for firms to test under different scenarios and establish standards for outsourcing and third-party risk management.

back to top


About Us

Connect With Us