The Bank for International Settlements defines business continuity management as a global approach that includes policies, standards and procedures for ensuring that, in the event of a disruption, certain operations can be maintained or recovered in a timely fashion; in order to minimise the operational, financial, legal, reputational and other material consequences arising from an disruption.
Why is business continuity important?
In recent years, several events have highlighted the importance of business continuity. Perhaps the most obvious were the terrorist attacks in New York, Madrid and London. But, on the whole, business continuity focuses on those elements which form part of the so-called operational risk; the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events.
Business continuity will, therefore, deal with those events normally improbable, statistically-speaking, and whose timing is both uncontrollable and unforeseen, but which may have a sizeable impact on the organisation.
Business continuity, settlement systems and financial stability
Business continuity is particularly important in the area of payment and securities settlement systems. There are, basically, five reasons:
- Safe and efficient settlement systems are essential for an effective monetary policy as they are the means by which central banks conduct monetary interventions and transmit the changes in liquidity to money markets. Obviously therefore, settlement systems are a key infrastructure for instrumenting monetary policy, the implementation of which requires efficient processing and settlement of operations. Hence they contribute to meeting the price stability objective.
- Financial Stability depends largely on the capacity and effectiveness of settlement systems to control the systemic risk which might affect credit institutions. This risk arises when the failure of one participant to fulfil its obligations in a settlement system causes the failure of others, generating a chain than can ultimately collapse the settlement of transactions.
- A settlement system can be a highly destabilising factor if, through inadequate design, it fails to have the appropriate mechanisms in place to control legal, operational and technical risks inherent therein.
- In addition to the high volumes of orders processed by the settlement systems, these operations are vital for the economy. Take, for example, operations involving very large amounts such as those concerning monetary policy where payment systems and securities settlement both intervene, or operations which, while not large, are essential for the day-to-day business of the general public (cheques, commercial paper, bills, transfers, etc.).
- There exists a strong interdependence between settlement systems and the markets which they support and their participants. Consequently a problem arising in any of its components can trigger off a systemic crisis with unforeseeable implications.
Who may be interested?
This initiative is intended for all those professionals working in the financial system area and, in payment and securities settlement systems, in particular. The strong interdependence today between systems, infrastructures, participants and authorities advocates continuous monitoring of all the aspects related to business continuity.
Operational continuity and cyber resilience
Cyber risks are one of the main threats to payment systems’ and, in general, to FMIs’ operational continuity. Hence, in March 2017, the ECB Governing Council approved the Eurosystem cyber resilience strategy for FMIs, with the aim of contributing to strengthen the cyber resilience of the EU financial sector, and based on three pillars, with each of them having a different focus. The outcome of this strategy are the Eurosystem cyber resilience oversight expectations (CROE)
, the TIBER-EU framework for conducting red teaming exercises and the establishment of the Euro Cyber Resilience Board for pan-European Financial Infrastructures (ECRB)