SS4/21 – Ensuring operational continuity in resolution

1.1

This Prudential Regulation Authority (PRA) Supervisory Statement (SS) sets out the PRA’s expectations for firms to ensure the operational continuity of critical services to facilitate recovery actions, resolution, and related restructuring. It supersedes SS9/16 ‘Ensuring operational continuity in resolution’.

1.2

This SS is relevant to UK banks, building societies, and PRA-authorised investment firms (firms) to which the Operational Continuity Part of the PRA Rulebook applies.

1.3

Operational continuity of critical services during recovery, resolution, and related restructuring is supported by other parts of the microprudential regulatory framework. Alongside the Operational Continuity Part, the PRA expects that:

• firms will meet the PRA’s Fundamental Rules (in particular Rules 2–6 and 8) and the General Organisational Requirements Part of the PRA Rulebook (in particular Rule 2.5) when implementing arrangements to comply with the Operational Continuity Part and this SS;
• as set out in the Outsourcing Part of the PRA Rulebook and other regulatory requirements and expectations on outsourcing and third-party risk management, firms remain responsible when functions are outsourced to a third party. In addition, as set out in SS2/21 ‘Outsourcing and third party risk management’, firms should have appropriate governance and internal controls to identify, manage, and report risks resulting from all arrangements with third parties;¹
• the operational resilience of critical service provision should not be undermined by restructuring related to recovery or resolution. The PRA Fundamental Rules remain relevant to decision making during operational disruptions.² In addition, the PRA expects that, under the Operational Resilience Part of the PRA Rulebook and SS1/21 ‘Operational resilience: Impact tolerances for important business services’, firms should ensure they maintain operational resilience before, during, and after resolution.³ This expectation applies where critical services are also important business services under the PRA’s operational resiliency policy; and
• ring-fenced bodies (RFBs) should have regard to the Ring-fenced Bodies Part of the PRA Rulebook when implementing arrangements to comply with the Operational Continuity Part and this SS.⁴

1.4

The PRA expects that when implementing the expectations in this SS, firms will have regard to the Bank of England’s (the Bank) policies on resolvability. In particular, these include:

• Statement of Policy: The Bank of England’s Approach to Assessing Resolvability (Bank RAF SoP);
• The Bank of England’s Statement of Policy on Continuity of Access to Financial Market Infrastructure (FMIs);
• The Bank of England’s Statement of Policy on Funding in Resolution;
• The Bank of England’s Statement of Policy on Management, Governance and Communication; and
• The Bank of England’s Statement of Policy on Restructuring Planning.⁵

2.1

The Operational Continuity Part applies to firms that meet the conditions set out in Operational Continuity 1.1. The PRA will take into account the specific circumstances of firms when considering how they meet these requirements.

2.2

The PRA considers that the manner in which a UK incorporated firm should meet the requirements in the Operational Continuity Part may vary according to whether the Bank is the firm’s home or host resolution authority (‘home firm’ and ‘hosted firm’ respectively). This is because the PRA considers that this may affect how firms should prepare for resolution under PRA Fundamental Rule 8. The expectations in this SS apply to all firms in scope of the Operational Continuity Part unless otherwise stated.

2.3

Where it advances the PRA’s general objective to promote the safety and soundness of the firms it regulates, the PRA may use its power under section 55M of the Financial Services and Markets Act 2000 (FSMA) to require firms to comply with the Operational Continuity Part and the expectations in this SS. For example, if a firm has been authorised for less than 36 months but exceeds one of the three quantitative thresholds in Operational Continuity 1.1 with less than 36 months of data, the PRA will assess on a case-by-case basis whether the firm is in scope and therefore should comply with the Operational Continuity Part and this SS. The PRA will consult with affected firms before reaching a decision.

2.4

For third-country firms operating in the UK through a branch, the PRA intends to follow the same supervisory approach as that set out in SS1/18 ‘International banks: the Prudential Regulation Authority’s approach to branch authorisation and supervision’.⁶ The PRA will consider the operational continuity regime of the home authority when determining the risk appetite around the critical functions that the UK branch of the third-country firm intends to perform or is performing in the UK.

2.5

The PRA expects hosted firms to implement and maintain arrangements that meet the requirements in the Operational Continuity Part and the expectations in this SS. The PRA considers that for some expectations, as set out below, a hosted firm may be able to rely on those capabilities of its resolution group which achieve broadly comparable outcomes.⁷ The PRA considers this approach to be consistent with the Bank’s approach to assessing the resolvability of hosted firms, with reference to the capabilities of the resolution group. Those expectations are as follows:

• paragraphs 5.4 and 5.5 – information and arrangements that should be maintained to support the design and implementation of transitional service agreements (TSAs), with the exception of the reference to Chapter 9 on predictable and transparent charging structures;
• paragraphs 8.1 to 8.3 – objective service level agreements;
• paragraphs 11.2 to 11.13 – financial arrangements; and
• paragraphs 12.2 to 12.3 – management and governance arrangements.

2.6

Critical services is defined in the Operational Continuity Part and comprises those services that need to be available to one or more business units of a firm or entity of a group in order to provide functions critical to the economy or a firm’s core business lines.⁸

2.7

The PRA’s expectations relating to the identification of services that support a firm’s core business lines vary between home and hosted firms:

• For home firms, the PRA expects a firm to ensure that its identification of core business lines includes those that are core to the firm, and additionally those that are core to the whole group of which it is a part.
• For hosted firms, the PRA expects that a firm’s identification of core business lines will identify those that the firm provides, or is involved in providing, and that are core to the whole group of which it is a part. Where a hosted firm has already identified business lines that are core to the firm, it may use these for the identification of relevant critical services.
• For home and hosted firms with a multiple point of entry (MPE) preferred resolution strategy, where possible the firm should instead identify business lines that are core to the resolution group of which it is a part.⁹

2.8

For the purposes of this SS, the PRA describes the ways firms can organise the critical services they receive as:

• services provided by a business unit within the firm itself to one or more of its other business units (intra-entity);
• services received from another entity within the group of which they are a part (intra-group);¹⁰
• services received from an entity that is not part of the same group (non-group provider);¹¹ or
• a combination of the above.

3.1

Operational Continuity Chapter 2 requires firms to ensure their operational structure facilitates effective planning for, and taking action during, recovery, resolution, and related restructuring. The PRA expects firms, irrespective of their service provision model, to be able to demonstrate how their operational arrangements supporting critical services facilitate recovery and resolution. Firms should also have appropriate policies, processes, and procedures in place to be able to demonstrate how operational arrangements supporting critical services meet all other relevant expectations in this SS (see also paragraph 4.4) and the requirements in the Operational Continuity Part.

3.2

In the Bank RAF SoP, the Bank has provided a stylised timeline of how it anticipates a resolution may be conducted.¹² Where relevant, the PRA expects firms to refer to this timeline when considering how their operational arrangements facilitate recovery and resolution.

3.3

If a firm cannot demonstrate how its operational arrangements facilitate recovery and resolution, the PRA expects the firm to make changes to achieve this outcome. Supervisory judgement will be required to assess this but, as a minimum, the PRA expects firms to be able to describe what would happen to critical services if recovery options were executed or if the Bank were to apply one or more of its stabilisation powers¹³. This includes the examples listed below, where relevant:

• in cases where a firm has identified the disposal of business units or legal entities as part of its recovery strategy, how its operational arrangements support the execution of recovery options within a reasonable time;
• how their operational arrangements support operational continuity during a resolution. If the Bank (as resolution authority) has set a preferred resolution strategy of bail-in, operational arrangements should support operational continuity throughout resolution as described in the stylised timeline referred to in paragraph 3.2 above;
• how their operational arrangements facilitate related restructuring, within a reasonable time. For example, firms should be able to evidence how the arrangements facilitate separability and restructuring of group entities while ensuring continuity of critical services; and
• how their operational arrangements facilitate separability of a RFB and its sub-group from the other entities in the wider group.

4.1

This chapter sets out the PRA’s expectations on the identification and documentation of firms’ critical services, required under Operational Continuity 3.1(1).

4.2

The PRA expects firms, irrespective of their service provision model, to undertake identification and documentation of their operational arrangements for critical services. This is referred to as mapping and should include:

• identification of services. This involves identifying legal entities, business lines, or divisions that perform critical functions or are core business lines. Firms should determine an appropriate scope of critical services that support these, as well as the underlying cost structures, operational assets, and any interdependencies; and
• documentation of operational arrangements. Firms should maintain comprehensive documentation of service arrangements. This should be updated at least annually or in a timely manner following material changes to firms’ service provision. Documentation could take the form of a service catalogue and should enable timely access to, at a minimum:
  • identified critical services and the critical functions or core business lines they support;
  • the service provision model used;
  • information about each party, including jurisdiction;
  • service level agreements;
  • contractual arrangements;
  • pricing;
  • operational assets used, including ownership information;
  • relevant policies, processes, and procedures; and
  • interdependencies.

4.3

The PRA expects firms to ensure that information relating to their operational arrangements for critical services is available when and where needed. Firms should be able to access, search, extract, and leverage the information in a timely manner in planning for and executing recovery actions, resolution, or both. This should also include providing information, where requested, to the PRA, Bank (as resolution authority), a bail-in administrator appointed by the Bank, or (for hosted firms) the home resolution authority.

4.4

The PRA expects that firms should be able to use the identification and documentation of their critical services to demonstrate to the PRA that they have comprehensively identified all critical services.

4.5

The PRA expects firms to consider how they may be able to use the identification and documentation of their critical services to support implementation of other PRA policies, or leverage other record-keeping requirements to support their OCIR identification and documentation. Other relevant requirements include the expectations on record-keeping contained in SS2/21 ‘Outsourcing and third party risk management’,¹⁴ and Rule 4.1 (Mapping) in the Operational Resilience Part of the PRA Rulebook.¹⁵ Chapter 1 of this SS sets out further links to other, non-OCIR requirements and expectations.

5.1

In implementing Operational Continuity 3.1(2), firms should have the capability to ensure continuity of critical services during possible changes to service provision resulting from restructuring related to recovery or resolution.¹⁶ Firms should have the capability to ensure continuity irrespective of the scenarios that they may encounter during such a restructuring and should take different scenarios into account in planning for continuity.

5.2

The PRA expects firms to consider how their capabilities would be effective in practice. The ways firms could meet this expectation include, but are not limited to, maintaining a playbook or documented and tested procedures.

5.3

At a minimum, the PRA expects firms to be able to develop and implement transitional service agreements (TSAs), in a timely and prudent manner, during recovery, resolution, and related restructuring. TSAs support the continuity of a particular critical function or core business line by facilitating, without interruption, the transfer of the provision of relevant critical services to another provider, or the separation of a firm’s activities that are supported by critical services.

5.4

The exact design of a TSA cannot be determined in advance of resolution, as it will depend on the circumstances of the firm in resolution. Firms should have appropriate operational arrangements, and availability of relevant information, to support them in designing and implementing the TSAs as they become necessary in resolution. In order to do so, the PRA expects that, at a minimum, firms should maintain:

• information about interdependencies among firms and service providers (Chapter 4 of this SS);
• objective service level agreements (Chapter 8 of this SS);
• predictable and transparent charging structures (Chapter 9 of this SS); and
• management and governance arrangements (Chapter 12 of this SS).

5.5

The list in paragraph 5.4 is a minimum expectation. The PRA expects firms to consider whether further arrangements, in addition to the expectations listed in paragraph 5.4, may be necessary to maintain their ability to design and implement TSAs. The PRA expects that if a firm identifies any further arrangements necessary to meet the expectation in paragraph 5.4, it will put them in place in a timely manner.

5.6

Where one or more of a firm’s critical services involves services provided via a direct relationship with a Financial Market Infrastructure (FMI) and is in scope of the Bank’s SoP ‘Continuity of Access to Financial Market Infrastructures (FMIs)’, the PRA considers that firms may be able to leverage their contingency planning under that SoP to meet the expectations in this chapter with regard to those services.

6.1

Operational Continuity 3.2 sets requirements relating to agreements governing the provision of critical services. Where there are agreements or contracts between two entities, it is expected that the steps to achieve this could include, but are not necessarily limited to:

• clauses in agreements or contracts for critical services provided by intra-group or non-group providers that allow for continued provision and use of services in stress and resolution. Contracts or agreements should remain valid and enforceable before and after the firm or a group member has entered stress or resolution, provided there is no default on payment obligations (this does not apply if the contract ends due to an upcoming maturity date); and
• clauses in agreements or contracts that allow for the continued use of such products or receipt of such services by entities for a reasonable period of time following their disposal by a group, in order to support restructuring. These clauses should support a firm in designing and implementing TSAs (see Chapter 5).

6.2

The steps outlined in paragraph 6.1 are not exhaustive. The PRA expects firms to consider what additional steps they may need to take to comply with Operational Continuity 3.2.

6.3

The PRA does not expect firms to apply the expectations set out in paragraphs 6.1 and 6.2 to excluded agreements or agreements with an excluded person, as defined in Operational Continuity 1.5. To be an excluded agreement, an agreement must satisfy each of the three conditions of an excluded agreement as defined in Operational Continuity 1.5.

7.1

In implementing Operational Continuity 4.3, the PRA expects firms to be able to demonstrate that, in the event of a deterioration in the financial circumstances of another group member, a group provider continues to treat the firm in accordance with:

• the existing agreement governing the provision of critical services if the firm receives the services from an intra-group service provider; or
• the relevant documentation if the firm receives critical services from an intra-entity service provider.

8.1

For all service provision models, objective documentation of service provision helps to identify operational interdependencies, may guide restructuring efforts, and provides a basis for TSAs.

8.2

In implementing Operational Continuity 3.1, the PRA expects firms to ensure that the arrangements for the provision of critical services are objective and well documented, and include the following as a minimum:

• clear parameters against which service provision can be measured, including quantifiable and qualitative metrics and performance indicators;
• the provider and recipient(s) of the service;¹⁷
• the nature of the service and its charging structure;
• any onward provision to other entities or sub-contracting to non-group providers; and
• for intra-group and non-group critical services, provisions that terms and pricing should not change as result of a party to the contract entering stress or resolution (see Chapter 6).

8.3

The PRA expects that, consistent with Chapter 4 of this SS, objective SLAs are comprehensive, up to date, and accessible. This includes being able to provide relevant information to the PRA within a reasonable timeframe, if requested.

9.1

This chapter sets out the PRA’s expectations regarding charging structures, as required under Operational Continuity 3.3 and 3.3A. Appropriate charging structures for critical services can help to ensure that service provision can more easily be transferred, if needed, to another service provider during resolution or restructuring. This may include the development and implementation of a TSA and should support the capabilities described in Chapter 5 of this SS.

9.2

Charging structures should be on terms that allow the service provider to be readily substituted with another service provider, such that critical services could be provided on an uninterrupted basis. The PRA’s expectations on charging structures vary according to firms’ service provision models:

• For all types of service provision model, charging structures for critical services must be predictable and transparent. The PRA expects that a charging structure should enable any future charges for critical services to be either known or calculable. The charging structure should be clear and easily understood, enabling firms to understand at a sufficiently granular level the charges for each critical service. This does not mean that the PRA expects payments for services to pass between business units of the same firm in the case of intra-entity critical service provision; and
• For intra-group and non-group providers, charging structures for critical services must also be set on arm’s-length terms.

10.1

In implementing Operational Continuity 3.4, the PRA expects firms to be able to demonstrate how access to operational assets supporting critical services will be maintained at the point of stress, resolution, or related restructuring of the firm, another group entity, or the service provider itself. This applies irrespective of the firm’s service provision model.

10.2

Types of operational assets the PRA considers should meet this expectation include, but are not limited to, technology, data, intellectual property, premises, licences, and leases.

10.3

This expectation is particularly important for subsidiaries where a subsidiary’s parent company (or another subsidiary on behalf of the group) negotiates contractual arrangements at a group level.

10.4

If firms cannot adequately demonstrate that they will have continued access to the operational assets of any group entity in resolution, the PRA may expect the operational assets necessary for performing critical services to be owned or leased by the same firm that receives the critical services.

11.1

In implementing Operational Continuity 2.3, the PRA expects firms to have arrangements in place to ensure, on a forward-looking basis, that they:
(a) can meet payment obligations for critical services, including through recovery, resolution, and related restructuring; and
(b) ensure that intra-group critical service providers would remain financially resilient during recovery, resolution, and related restructuring. Generally, financial resilience is achieved by providers of critical services having the financial resources to be able to absorb losses and by them having adequate liquidity. Firms should also manage the risks associated with the assets and liabilities of critical service providers.

11.2

The PRA expects firms to identify risks to fulfilling the requirement under Operational Continuity 2.3, including the expectations under paragraph 11.1 of this SS, and, wherever possible, take remedial action. The PRA expects that the identification of risks related to the financial resilience of service providers includes the risk of internal frictions that may arise in resolution, whereby financial resources that are available within the firm’s group cannot be accessed by a critical service provider in a sufficiently timely manner. These may arise due to issues such as complex or outdated processes, procedures, or systems.

11.3

The PRA expects firms’ identification of risks under paragraph 11.2 of this SS to be supported by scenario analysis that enables the firm to understand the risks to continuity of critical service provision from severe, but plausible, scenarios that the firm may face during recovery and resolution. The PRA expects firms to consider multiple scenarios that are relevant to their business models and are sufficiently severe to test the operational continuity of critical service providers. Firms should be able to use their scenario analysis to demonstrate to the PRA, on request, that they have fulfilled the requirement under Operational Continuity 2.3, including the expectations under paragraph 11.1 of this SS. Scenarios could include, but are not limited to:

• the impact on a firm’s ability to pay for critical services on time as a result of entering resolution. This may be affected by, but is not necessarily limited to, changes in the price of critical services received, and operational issues experienced by the firm, arising as a result of resolution;
• the impact on continuity of critical service provision of a critical service provider experiencing delayed receipt of a payment due for services provided to the firm;
• the impact on continuity of critical service provision of a critical service provider experiencing an expense-revenue mismatch during resolution, which may arise from reduced demand for services from entities in resolution, but constant fixed overheads for the service provider. This may be caused by financial or operational issues;¹⁸
• the impact on continuity of critical service provision of exceptional costs that a critical services provider may be exposed to in a stress scenario or resolution. These may include, but are not limited to, employee costs (including retention and redundancy payments) or the write down of intangible and relationship-specific assets; and
• any other risks to operational continuity identified by the firm.

11.4

The PRA expects firms to monitor and maintain early warning indicators of risks in being able to meet, in recovery, resolution, and related restructuring, the requirement in Operational Continuity 2.3, and the expectations described in paragraph 11.1 of this SS.

11.5

The PRA expects that firms should leverage existing capabilities where possible to fulfil the intended outcome of the expectations described in paragraphs 11.3 and 11.4. This could include, but is not limited to, capabilities developed to fulfil the PRA’s recovery planning policy,¹⁹ and information available due to firms’ capabilities to fulfil the Bank’s expectations in the SoP ‘Funding in Resolution’.²⁰ Where firms can demonstrate that the intended outcome is met through existing capabilities, the PRA does not expect firms to duplicate work.

11.6

Specifically for liquidity, the PRA expects firms to ensure that intra-group critical service providers have access to, at a minimum, liquidity resources equivalent to 1/6^th of annual fixed overheads of the critical services they provide to the firm (OCIR liquidity resources).

11.7

Where the minimum amount of OCIR liquidity resources is insufficient to mitigate risks identified by firms under paragraph 11.2, firms should ensure that intra-group service providers have access to additional liquidity resources to cover these risks. The PRA expects firms to be able to demonstrate to the PRA, upon request, that this minimum amount of OCIR liquidity resources is sufficient to mitigate risks identified by the firm under paragraph 11.2 with respect to intra-group service providers in resolution. Firms may use the scenario analysis described in paragraph 11.3 if appropriate.

11.8

The PRA expects the intra-group critical service provider to calculate its annual fixed overheads for critical service provision to a firm in accordance with the applicable accounting framework. Commission Delegated Regulation EU 2015/488²¹ includes items that may be excluded from the calculation of fixed overheads.

11.9

The PRA expects that OCIR liquidity resources should be maintained at all times, and that the OCIR liquidity resources should be immediately available to the intra-group critical service provider in resolution. These resources should only be used to support the operational continuity of intra-group critical services during resolution. Firms should maintain appropriate governance arrangements, policies, processes, and controls to meet this expectation.

11.10

The outcome set out in paragraph 11.9 can be achieved by the intra-group service provider owning the OCIR liquidity resources. Alternative ownership arrangements can also be used if firms can demonstrate to the PRA’s satisfaction that the arrangements will achieve the outcome set out in paragraph 11.9.

11.11

Firms should also ensure that OCIR liquidity resources are in the most appropriate location to meet the outcome outlined in paragraph 11.9. This may include holding the liquidity resources with a third party. The PRA expects firms to be able to explain how and where such assets are held, as well as the arrangements for access in resolution.

11.12

Firms should also consider how they would monetise OCIR liquidity resources to meet the outcome in paragraph 11.9. This could be achieved by OCIR liquidity resources being the same types of assets that qualify as high-quality liquid assets (HQLA). Firms may use other types of assets as long as those assets would be immediately available to the intra-group critical service provider in resolution. The PRA expects that OCIR liquidity resources and HQLA held for the purpose of Liquidity Coverage Ratio (LCR) and Net Stable Funding Ratio (NSFR) standards, at either firm- or group-level, are not double-counted.

11.13

An RFB must comply with the PRA’s ring-fencing rules and with ring-fencing legislation when meeting the expectation that its intra-group critical service providers maintain their own OCIR liquidity resources. The ring-fencing regime aims to protect RFBs from the failure of group entities outside of the ring-fence. Accordingly, to meet both ring-fencing requirements and the PRA’s expectations regarding OCIR liquidity resources, the resources maintained by an intra-group critical service provider that is part of a group containing an RFB, where such services are provided to an RFB, may either be held by the service provider itself, with an entity within the RFB sub-group, or on behalf of the service provider with a third party outside of the group. OCIR liquidity resources held on behalf of the service provider, or deposits made by the service provider, with any other entity within the non-ring-fenced part of a group, even after resources are monetised, would be at unacceptable risk.

12.1

Operational Continuity 4.2 sets requirements relating to the management and governance structures of intra-entity and intra-group critical service providers. The PRA expects that all intra-entity and intra-group critical service providers are supported by effective management and governance arrangements. Effective management and governance supports operational continuity by ensuring clarity of management responsibilities in resolution, sufficient seniority of service provision management, and continued availability of staff critical to ensuring the continuity of service provision.

12.2

In ensuring that effective management and governance arrangements are in place, the PRA expects firms to take into account other relevant PRA requirements and expectations, including those described in Chapter 1 of this SS. In addition, the PRA expects that the arrangements supporting an intra-entity or intra-group critical service provider’s management and governance structure should include, but are not limited to:

• being able to demonstrate that the critical service provider has management of sufficient seniority in place who are responsible for the day-to-day running of services, and who could ensure the critical services would continue to be performed in a resolution scenario;
• ensuring that critical service providers do not rely on senior staff that perform significant duties for other entities in the group. In cases where a member of senior staff has multiple roles within the group, the PRA expects firms to ensure the responsibilities for critical services are not deprioritised in resolution;
• ensuring that critical services providers do not rely excessively on senior staff remunerated by other entities in the group. Firms should anticipate that staff responsible for the running of the service provider will still need to be remunerated in a resolution scenario. As such, the main part of their remuneration should be paid by the service provider and they should be employed by the service provider, where the critical services provider is a separate group entity;
• ensuring the availability of staff (including senior staff) in OCIR key job roles that support the continuity of critical services. This should be interpreted as a subset of the key job roles firms may have identified to develop the capabilities described in Chapter 4 of the Bank’s SoP ‘Management, Governance and Communication’;²² and
• having change capabilities, including sufficient staff and expertise, to support service continuity during changes that arise during resolution and restructuring.

12.3

The PRA expects firms to be able to articulate to the PRA the management and governance arrangements a critical services provider has in place.

12.4

Responsibility for operational continuity in resolution should be clear and explicit. Where it exists, the Chief Operations Senior Management Function (SMF) 24 may hold overall responsibility for implementing OCIR policy. As set out in paragraph 2.11H of SS28/15 ‘Strengthening individual accountability in banking’, the PRA recognises that the responsibilities likely to be allocated to the SMF24 may overlap with other Prescribed Responsibilities.²³ For instance, responsibility for operational continuity may be subsumed under the Prescribed Responsibility in Rule 4.1(10) of the Allocation of Responsibilities Part of the PRA Rulebook (‘responsibility for developing and maintaining the firm’s recovery plan and resolution pack and, where relevant, resolution assessment, and for overseeing the internal processes regarding their governance’). As long as accountability for all relevant responsibilities is clear and explicit, firms may allocate them in whichever way best reflects the way they organise themselves in practice. Further information on the SMF24 function is contained in SS28/15.

13.1

The PRA has a discretionary power to waive or modify rules under section 138A of FSMA, where the application of rules would be unduly burdensome or would not achieve the purposes for which the rules were made, and so long as the waiver or modification would not adversely affect the advancement of the PRA’s objectives.

13.2

The PRA expects firms, as part of their forward planning, to anticipate when they may come into scope of different PRA and Bank resolution-related policies, including OCIR. Firms should plan for this well in advance and consider how they will transition to meet these policies. For new and growing banks, a similar expectation is set out in SS3/21 ‘Non-systemic UK banks: The Prudential Regulation Authority’s approach to new and growing banks’.²⁴

13.3

Depending on the circumstances of firms, and whether they could anticipate coming into scope of the Operational Continuity Part, the PRA may consider the granting of a waiver or modification of the relevant requirement or requirements to postpone the implementation of OCIR policy to allow for an appropriate implementation period. Examples for which the PRA may consider granting a waiver could include certain cases of mergers or acquisitions, or cases in which a firm performs a critical function when it previously did not perform any critical functions but met one of the conditions in Operational Continuity 1.1.