Close this search box.

Aspida Insights

Simon Walker

Chief Operating Officer

Building Business Resilience

COVID-19 has caught a lot of companies out. As the immediate impact of the health crisis recedes, examples of fundamental and structural devastation in many businesses are starting to emerge. But how much of that is due to a lack of sound foundations and planning – especially around business resilience?

Business resilience is the ability an organisation has to quickly adapt to disruptions while,  maintaining continuous business operations and safeguarding people, assets and overall brand equity.

The challenge to build and maintain resilience differs geographically and by industry, both of which factors can have
a significant impact. However, fundamental questions around business resilience apply to most businesses, regardless of sector and region.

The boards of all regulated businesses are required to ask various questions of themselves each year, particularly in relation to ensuring good corporate governance. The crisis has radically altered the risk environment in which all businesses operate and which all boards must consider.

The impact is such that the questions typically considered by boards have changed. Consider some of these matters and how the pre-crisis questions need to change, given the new lens though which the world should now be considered.

  • Do we have a BCP plan and do we have a Disaster Recovery Suite? Are we able to switch to an operating model where all colleagues can operate remotely?
  • Has the board reviewed the latest Financial Resources Requirement (FRR)? Is the board comfortable that the FRR surplus is sufficient and how is it trending?
  • Do we have Professional Indemnity (PI) insurance? Do we have Business Interruption (BI) insurance and do we understand the terms?
  • Do we have appropriate persons in our prescribed positions? Is the Compliance Officer able to carry out his/her role effectively whilst unable to physically visit client offices?
  • Do we have the appropriate level of information security within the business? Do we have the appropriate level of information security regardless of whether colleagues are working from within an office environment or from their homes?

In addition to these changed questions, there are some key areas that require a complete rethink.

  • What are our top risks? These will have changed so an urgent review of the risk register and mitigating actions will be required.
  • How does the crisis impact our operating model? COVID-19 has created an imperative for companies to reconfigure their operations and an opportunity to transform them.

Boards also need to consider how to satisfy their regulators that their key concerns have been effectively mitigated.

  • Demonstrable ability to provide continuous service to customers
  • Ongoing financial health
  • Ability to continue to fulfil regulatory obligations, such as compliance testing

It is extremely unlikely that a pandemic of similar or more dangerous nature will not recur. Now is the time to heed these lessons and ensure that we have the ability, and resilience, to adapt much more quickly. Now is the time to build future resilience. Doing nothing, given this practice run, would be tantamount to a failure to discharge duties, with the consequent risks that entails.

We recommend 3 immediate changes required in most businesses:

  1. Businesses must understand the potential impact of this risk and the way in which it connects with operations means that a complete review of your risk register and mitigation plans needs to be undertaken by the board as soon as  possible. Now, more than ever, board members need to be able to think in an adaptable manner.
  2. Contingency planning will need to sit at the very centre of the business to be discussed at board level and involve an overhaul of operating models. This cannot remain a typically formulaic, bureaucratic box-ticking exercise which is invisible at the strategic level.
  3. Part of the shift to a more digital model has been forced upon most businesses. Now is the time to maintain the pace of change and implementation of a suitable risk management platform is a good example which would allow remote operation in the normal course of business.

Aspida has been supporting clients throughout this crisis and continues to advise and support businesses as they work to shore up their defences and build their resilience. We are happy to give impartial, confidential guidance and support to boards at this time as they consider the issue of business resilience and work to build a more robust base for the future.

Download the”Building Business Resilience PDF here
Aspida Insights is where we draw on our knowledge, experience and expertise in key business areas such as compliance and risk management, regulation and corporate governance to offer our thoughts, forecasts and advice on a range of topical issues or areas of client concern.

The Intersection of Technology and Regulation

Technology now plays a crucial role in solving Governance, Risk Management, and Compliance (GRC) challenges by providing tools that can streamline processes, enhance data analysis, ...
Read More »

FATF publishes new guidance document

Michael Calleja | Senior Compliance Services Executive | Malta In March 2024, the FATF published risk-based guidance to support the application of FATF Recommendation 25 ...
Read More »

Mastering Compliance: Navigating Risks & Regulatory Returns with Aspida’s Expertise

Michael Calleja | Senior Compliance Services Executive | Malta As we find ourselves in that pivotal time of year where subject persons traditionally undertake the ...
Read More »

Your partner in protecting and growing your business

Subscribe to receive our latest news, views and event information

Scroll to Top