The Principles for operational resilience (the POR) were published in 2021 and build on the Basel Committee on Banking Supervision’s Principles for the sound management of operational risk (the PSMOR), originally issued in 2011, revised in 2014 and revised a second time simultaneously with the issuance of the POR.
While the PSMOR establish principles for operational risk management, the POR seek to promote a principles-based approach to improving operational resilience as an outcome of effectively managing operational risks that may arise from disruptions, such as pandemics, natural disasters, cyber attacks or technology failures.
The approach adopted by the POR reflects banks’ experiences during the Covid-19 pandemic and their increased dependence on third parties for the provision of financial services. The POR define operational resilience as a bank’s ability to deliver critical operations in the face of disruption. This ability should enable a bank to identify and protect itself from threats and potential failures. Moreover, it should allow the bank to respond, adapt to, recover and learn from, disruptive events to reduce their impact on the delivery of critical operations in the face of disruption. Banks should assume that disruptions will occur and define their overall risk appetite and “tolerance for disruption” accordingly.
The POR should be applied consistently across the organisation on a consolidated basis consistent with the scope of the Basel Framework, and with due consideration of the bank’s recovery and resolution plans. Read more here