Retail platforms in the UK are being asked to invest in their operational systems to avoid financial harm to their users.
In a recent ‘Dear CEO’ letter, the Financial Conduct Authority (FCA) told firms that, following a surge in retail investor activity during the pandemic months, several platforms suffered IT outages and severe operational issues.
But the regulator said these were “clear examples of severe but plausible operational disruptions causing harm to consumers and negatively affecting market confidence”.
As a result, the FCA is now urging all platforms to “invest in their systems to ensure that they keep pace with the growth of their business and remain fit for purpose”.
They will be required to have contingency plans in place to deal with any future disruptions, and to carry out a “thorough analysis and testing” of their IT upgrades and migrations to reduce incidents and outages that may be harmful to clients.
The watchdog’s head of investment platforms and Sipp operators department, Andrea Konrath, said that the FCA will be collecting data on service disruptions on an ongoing basis which will “enable us to identify outliers and take appropriate action”.
Future implementation
On 31 March 2022, a set of rules and guidance on building operational resilience will come into force, and firms will be required to identify their most important business services for this purpose.
They will need to set “impact tolerances” to assess at what point disruptions would cause “intolerable harm to consumers or risk to market integrity”, Konrath added.
“Firms must map the resources that support their important business services and test their ability to remain within their impact tolerances through a range of severe but plausible events. Firms must have communication strategies in place to respond quickly and effectively to operational disruptions.
“Firms should compile, and regularly review, a self-assessment document which shows how they meet our operational resilience requirements. The document should be made available to us on request.”
Konrath also said that the FCA doesn’t believe that all material incidents subject to notification requirements – also known as SUP 15 notifications – are being reported.
As a result, the regulator expects companies to notify “any matter which could have a significant adverse impact on the firm’s reputation, or which could affect the firm’s ability to continue to provide adequate services to its customers”.
This includes operational disruptions.
