FCA updates on operational and cyber resilience following Russian invasion

The FCA has published some pointers that firms should consider regarding operational and cyber resilience following Russia’s invasion of Ukraine.

Firms are advised to consider the following:

  • the firm’s ability, and that of its third-party providers, to withstand a cyber attack and to follow their actionable guidance as a priority, to reduce the risk of cyber compromise. The NCSC has issued guidance for various sizes of firms;
  • the implications of the continuing unrest and UK/US/EU sanctions and how that might impact the firm and any third-party providers, and whether this could affect business services continuing;
  • updating any business continuity and incident management arrangements to ensure regulatory obligations are met in the event of unforeseen disruption;
  • reporting material operational incidents to the FCA in a timely way; and
  • be alert to the risk of false information being gathered or shared about the operations of a particular firm and prepare a prompt, clear response to try and prevent that information being acted upon.

FIN. Team