The Clock is Ticking: Here’s How UK Financial Firms Can Build Resilience

Locked out. That’s the last thing customers want to see when logging into their financial accounts and the last thing firms want to happen. When the cause is a preventable issue, it can spell trouble for the financial firm.

Under new UK regulations, ensuring operational resilience is a high priority for officials – failure can mean heavy fines. Regulators recently fined one bank 49 million GBP for an IT outage that locked out two million customers. This effort to increase the country’s financial stability has considerable practical consequences for companies affected by the new regulations.

What You Need to Know

In partnership with the Bank of England, the Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA) began considering proposals in 2019 to improve the operational resilience of the UK financial sector. Shortly thereafter, the pandemic revealed just how essential this goal is to life as we know it. The resulting rules and guidance came into effect on 31 March 2022, and affect all types of financial organisations, from banks and building societies to insurance and investment firms.

By now, financial firms should have conducted a self-assessment of their business services, set benchmarks for tolerance and identified weaknesses. They also should have prepared internal and external communications plans covering any business disruption.

The 31 March 2025 deadline is looming: How can financial firms achieve operational resilience and ensure timely compliance with the new regulations?

Why Operational Resilience Matters and Where to Start

Operational resilience is not only about compliance. It’s also about maintaining the continuity of your business while ensuring the well-being of your people, places and property. 

Conversations about resilience provide a starting point for better decision-making, and, in turn, better outcomes. That’s why financial executives can’t be afraid of asking questions and analysing strengths and weaknesses. To address this, the requirements have built-in evaluation steps. To create, enact and test an effective critical event management strategy, you must first determine where your organisation stands.

It's important to assess all capabilities, and to know where your organisation stands on the technology maturity scale. Constantly adding new software isn’t the answer. It’s about incorporating a platform designed to grow with your business needs while adapting to the threat landscape. Operational resilience requires a holistic approach, a growth mindset and technology that mirrors both.

How Technology Makes It All Possible

An effective system for critical event management makes it possible to proactively manage both known and unknown hazards. That capability is crucial to operational resilience. When organisations can show they’re achieving it, they’ll be well on their way to regulatory compliance.

An effective technology solution facilitates operational resilience through a combination of risk intelligence, critical communications and incident management.

Risk intelligence delivers accurate and relevant information in real time, so organisations receive actionable intelligence to mitigate existing and potential threats.

Critical communications provides reliable global reach and comprehensive on-demand alerting, so everyone stays informed and connected.

Incident management makes it easy to carry out an efficient crisis response with advanced scheduling, collaboration, situational awareness, task orchestration and automation.

When organisations have access to all three of these capabilities through one unified platform, they become stronger and more resilient, thanks to:

  • Speed: Leaders can receive notifications minutes after an event occurs. They’re also able to notify employees and other stakeholders quickly from a single interface.
  • Relevance: AI-filtered data from human-validated sources eliminates noise and pinpoints those events which pose the greatest threat. Now leaders can make informed, proactive decisions.
  • Usability: For observation, analysis and response escalation, a unified dashboard enhances clarity. Leaders gain visibility into the big picture as events unfold.

During times of disruption as well as daily operations, integrated technology and expertise reinforce organisation-wide agility. Although you never know what tomorrow may bring, with the right resources you can adapt. Change is constant – resilience can be too.

To learn more about what it takes to develop operational resilience and go beyond meeting the new UK requirements to truly thriving, contact OnSolve to request a demo


OnSolve® proactively mitigates physical threats, allowing organizations to remain agile when a crisis strikes. Using trusted expertise and reliable AI-powered risk intelligence, critical communications and incident management technology, the OnSolve Platform allows organizations to detect, anticipate and mitigate physical threats that impact their people and operations.