In particular, the regulatory review that examined 38 financial market infrastructures (FMIs) in 29 countries found that the FMIs’ recovery plans fall short of expectations in the event of a disaster such as a natural disaster or a major system failure.
“The business continuity management of some and possibly many FMIs does not seem to aim to resume operations in a timely manner, even in the event of a widespread or major disruption,” said the regulators.
The review found that IT systems can be recovered within two hours of a major incident and that FMIs should be able to process transactions by the end of the day of the disruption, even under “extreme circumstances”.
“As this is a serious problem, CPMI and IOSCO expect the relevant FMIs and their [regulators] addressing this with the highest priority, ”reads the review.
FMIs generally got through the pandemic without serious disruption, she added, moving to remote working and maintaining critical functions.
“Although the Covid-19 pandemic did not cause service interruptions, it presented some operational challenges,” the report said. For example, large volumes of trade in the early days of the pandemic presented challenges for some FMIs.
The episode “also highlighted operational risks emanating from third parties such as critical service providers,” and the pandemic has also exacerbated cybersecurity risks, the report said.