Upcoming Operational Resilience regulations– what is the value for family offices | Deloitte UK has been saved
Limited functionality available
Enhancing operational resilience in the UK Family Office sector
Operational Resilience is the ability to prevent, adapt, respond to, recover and learn from operational disruptions. Operational disruptions and the unavailability of important services have the potential to harm to those using those services.
It is the assumption that disruptions are a matter of ‘when’, and not ‘if’, that the regulators are focussing on, and FCA and PRA regulated Boards are sitting up and taking the incoming Operational Resilience regulations due at the end of this quarter very seriously. But is there anything for family offices to learn from these regulations?
This concept of operational resilience is not new and making sure family members are receiving key services as and when they need them is a top priority, and this is much wider that keeping the investment processes running smoothly. What would happen if the family office was not able fund any key purchases for 24 hours? Or communication channels (e.g. e-mail database) were down to prevent authorisation of payments? Are there alternative ways to provide the family with services and liquidity to respond to their needs? How quickly can these workarounds be put in place? Would it affect individual family members to differing levels?
The regulations have brought fresh thinking to operational resilience, starting with the concept of causing ‘intolerable harm’ – i.e. if the most important services cannot be provided for a period of time. The concept of a family member’s tolerance for lack of provision of key services will be well understood and keenly felt, but how advanced is the understanding of the level of tolerance differing by service or family member? What is required to provide that service? And critically - what are the alternative ways to provide that service if things go wrong?
Traditional continuity practices have tended to focus on how to recover individual resources the business uses, like IT systems or buildings. But the shift in thinking now starts with the service being provided, understanding what is critical to make that possible, and also understanding the various alternatives available to enable provision of that service. This paints a more holistic picture of operational resilience.
The operational resilience of the family office as a stand-alone entity is not in isolation however. The vast majority of family offices will outsource at least one key service (payroll, HR, finance, custodianship of investments), with many operating a much more complex model of outsourcing.
The question of resilience is therefore not just about the processes within the “four walls” of the family office. It is critical also to consider:
Whilst we would be the first to recognise that the majority of family offices are not required to comply with this regulation; this is one standard where a proactive approach to adapting those principles will have clear benefits to the ultimate users of the family office – the family.
By adopting the rigours of this approach, the family office can be confident that they are doing all they can to ensure ongoing stability over the provision of the services they deem to be the most important to the family (with any break of service being within tolerable, and pre-determined and agreed levels), whatever the world throws at them in 2021.
Jessica is a Partner within our Audit and Assurance business where she leads our Investment Management Assurance practice. She is an Investment Management and Private Equity specialist with a background in Audits, and for a number of years has led our Family Office Audit and Assurance business. In 2022, Jessica also took on the role of IM&W ESG lead across our entire practice. She has spent 17 years at Deloitte focussing on the Investment Management sector where she started in our audit practice, setting up the family office audit and assurance team before moving into a 50/50 audit and assurance role and taking over the leadership of our Investment Management assurance team where she specialises in controls and operations assurance. Jessica works across the whole Investment Management sector, including large listed businesses as well as large private asset managers – including PE houses, Family Offices, Sovereign Wealth Funds and Endowment Funds. Jessica is passionate about the ESG agenda, and in 2022 took on the role as UK IM&W ESG lead. She leads a cross service line industry team responsible for leading on external and internal eminence for IM&W ESG and supporting our IM&W clients to navigate their ESG journey’s. She also sits on the firms Sustainable Finance Board, as well as representing the UK firm for IM&W in EMEA and NSE.
Rafik has been with the UK practice for 18 years, since he was an intern during University. He originally joined the Enterprise Risk Services department, which he was within for 13 years. He has since moved into the Investment Management practice within Audit. His role within the department until recently focussed on Technology Risk and Control, where he act as the IT specialist on nearly all the external audit jobs within the department's portfolio.
Asli is a Manager in Deloitte’s Financial Services Internal Audit within Risk Advisory in London, specializing in the provision of internal audit and advisory services. She has a strong background in internal audit, internal control, management consulting and risk assessment. Her key areas of focus include regulatory reviews, product governance and middle office operations.