Operational Continuity – the next battle to fix 'too big to fail' in the UK

Resolution planning remains the key legislative framework in Europe to resolve failing banks outside of ordinary insolvency proceedings, which are ill-suited to address the complexity of systemic banks and the threat they pose to financial stability in the domestic economy. 

1 January 2019 is the critical date in the UK regulatory calendar: that is when the UK Prudential Regulatory Authority’s (PRA) operational continuity requirements come into effect. Banks are working furiously to meet this regulatory deadline. 

For a long time, operational continuity remained a relatively unknown term outside of the hallowed portals of the PRA, the Bank of England, blue chip law firms and accountancy firms. In its supervisory statement setting out the rules relating to operational continuity, the PRA described their purpose as follows: ‘[for] firms to ensure operational continuity of critical services to facilitate recovery action, orderly resolution and post-resolution restructuring […] Critical services are those services that need to be available to one or more business units of a firm or entity of a group in order to provide functions critical to the economy.’ 

Put simply, the recent legislative measures in the United Kingdom to require banks to raise loss absorbing capital, produce resolution plans and ring-fence their retail activities from their investment banking businesses are important. But any resolution of a failing UK bank would fall at the first hurdle if that bank could not prevent critical services (provided internally by the bank’s affiliates or externally by third party commercial suppliers) ceasing upon the bank’s entry into resolution. To illustrate, a resolution measure to place certain affiliates into insolvency and transfer a substantial part of the bank’s business into a new entity would become a redundant exercise, if the principal external IT provider for the bank’s systems, or the landlord of the leased building in which the bank’s staff are housed, terminated their underlying contracts with the bank on the basis of a change of control and/or insolvency events.

The European Banking Authority provided guidance on the minimum list of critical services which a bank would require in resolution. These include, amongst others: the provision of IT services, real estate, payroll, internal compliance, risk, and cash management. 

Using the EBA’s list as a starting point, the PRA’s rules seek to mitigate operational continuity risk by focussing on a number of key areas. 

Firstly, the rules require banks to (i) undertake comprehensive identification, mapping and documenting of critical services (both internal and external) to the critical economic functions (CEF) which the bank performs in the UK and (ii) provide evidence that the bank can maintain access to the key operational assets that are required for the performance of CEFs. Key operational assets can include data, IT, intellectual property and real estate. It is important to note that not all businesses which the bank performs will be CEFs.  For example, retail deposits and payment services are likely to qualify as a CEF, whereas a lucrative, but institutional focused, commodities business may not. Third party suppliers providing market data necessary for the commodities business to function will not be critical to operational continuity planning, but an outsourcing firm which facilitates the customer service for retail depositors will be. 

Financial resilience of service providers is a material point of focus. Affiliates of the bank, within and outside of the UK, will be required to hold fixed amounts of segregated liquidity resources to ensure that the costs associated with the provision of their services continue in resolution.  Examples of this include where an offshore affiliate provides payment or invoice processing services under an intercompany service level agreement. The purpose of this requirement is to avoid affiliates (on the instruction of a parent company outside of the UK or an overseas regulator in the jurisdiction where the affiliate is established) terminating an internal service for lack of payment. 

Finally, firms will be required to make changes to their underlying contracts with internal and external service providers. The acquisition by Barclays of certain businesses within Lehman Brothers demonstrated the challenges of identifying and negotiating the critical services required under transitional services agreements with commercial vendors and intercompany services agreements that occur when a failing bank is sold. The changes require that, so long as the UK bank continues to meet its payment and other material obligations, the service provider cannot terminate or amend the service solely because the bank or any of its affiliates are subject to resolution or insolvency proceedings.  

To conclude, the volume of work required to implement these requirements is not to be underestimated.  UK firms have thousands of documented and undocumented service arrangements to review (at a challenging time when significant internal resources are allocated to managing the establishment of new European vehicles to service continental clients post-Brexit). However, this regulatory theme shows no sign of abating. This month, a cohort of UK regulators released a discussion paper on operational resilience. This dialogue, that will have to include a conversation on a cross border framework for international banks’ operational resilience, is just the beginning.

Musonda Kapotwe is a Director in the Fixed Income and Equities Legal Division at Citibank N.A.