FCA gives guidance on operational and cyber resilience in light of invasion of Ukraine

FCA’s new webpage looks at points firms should consider about their operational and cyber resilience following the Russian invasion of Ukraine.

It recommends that firms:

  • review the National Cyber Security Centre guidance and consider their, and their providers’, ability to withstand a cyber attack. It suggests actions to shore up controls, such as perhaps re-running staff ethical phishing campaigns;
  • consider the implications of the possible impact of the unrest and particularly of sanctions on the firm and its providers, and whether this may affect ability to deliver key business services;
  • check their business continuity and incident management arrangements are up to date; and
  • be ready to report material operational incidents to FCA in a timely way.

It also notes that firms should be alert to the risks of false information being shared and to have a prompt, clear response to act on should this happen to them.


Emma Radmore