Operational Risk and Resilience

Core Areas of Specialism

GD Financial Markets Operational Risk and Resilience Practice provides risk advisory solutions across operational risk, third party risk management and operational resilience.


Across the 3 lines of defence


PRA and FCA regulation and beyond


Operational Risk Management

Given the increased industry focus on the threats and opportunities associated with operational risks, financial services firms are beginning to revaluate their operating models and operational risk management practices.

GDFM helps organizations transform the ways they leverage people, business processes, controls, third-party relationships, technology and data in order to deliver forward looking and proactive risk management.

Drivers for change:

  • Operational risks and losses are increasing exponentially i.e. financial crime, data protection, cyber security
  • Inconsistent operational risk management processes
  • Activities that are not aligned to the operational risk management framework draining precious resource
  • Box-ticking activities that do not deliver proactive risk management
  • The need for stronger oversight and challenge from risk managers
  • An increasingly cost-conscious market environment
  • Enabling greater career opportunities through specialisation and better role definition
  • Regulatory guidance

Operational Resilience

What is operational Resilience? 

Operational resilience is the ability of firms and FMIs and the financial sector as a whole to prevent, adapt, respond to, recover and learn from operational disruptions.

Operational resilience takes and end-to-end view from the perspective of a firm’s customers and any disruption is deemed inevitable and business led.

Key benefits of strengthening Operational Resilience include reduced likelihood of disruption, enhanced reputation and compliance with incoming regulation.

GDFM is well positioned to support our clients to deliver in a way which is proportionate and delivers organisational value.

Why does it matter now?

Factors contributing to the need for Operational Resilience:

  • Incoming PRA and FCA regulation for Operational Resilience and Outsourcing
  • Increased outsourcing within the value chain generating increased complexity
  • COVID-19 highlighting the impact and increased likelihood of disruptive events, especially with firms’ increased vulnerability due to remote working

Outsourcing and Third Party Risk Management

The use of third parties is nothing new — companies have worked with suppliers, outsourcers, licensees, agents, and the like for years. What has changed, however, is the frequency and scale of third-party use to provide critical services and the consequent regulatory focus on how organizations are managing third parties to address the inherent risks.

The use of third parties has well known benefits however, the increasingly complex supply chain will bring additional risks. Managing this risk requires an effective framework covering governance, onboarding, oversight and exit. A mature outsourcing and third party risk management programme shows an understanding that only the process is outsourced with the operational risks still owned by the outsourcing firm. A focus on managing relationships with third parties will also enhance operational resilience and support firms operational continuity in resolution policy.

Third parties cover a range of services to include; cloud services, payment services, other intragroup entities and shared service centres to name a few. Due to the varying nature of these services due diligence must cover a variety of areas and must take into account Nth parties.

Outsourcing and Third Party Risk Management

Our outsourcing and third-party risk management offerings help organizations understand and manage the risk exposure that emerges from their relationships with internal and external service providers.

Our expert team can support you with the following:

  • Global regulatory requirements and practical application of the rules
  • Develop and enhance your existing TPRM programme or function
  • Risk assessment of you internal and external service providers and services
  • Operating model for ongoing oversight and risk management
  • Technology enablers
Laurence Profile Photo_Business
Laurence Parish

Head of Risk Advisory

Having spent most of his career working for Tier 1 global investment banks, Laurence has a comprehensive understanding of investment banking financial instruments, the products offered to corporate and commercial customers, financial & cyber-crime risks & controls, and the UK regulatory environment. This is underpinned by 15 years’ experience in Financial Services Operations roles.

Contact Our Team