Russia's invasion of Ukraine and the importance of an operational and cyber risk defence
Related people
Tom Balogh
Executive Director, A&O Consulting
London
Tom Anderson
Executive Director, A&O Consulting
London
Marc Teasdale
Managing Director, A&O Consulting
London
Ricki Gupta
Manager, A&O Consulting
London
Jane Finlayson-Brown
Partner
London
Nikki Johnstone
Partner
London
Susanna Charlwood
Partner
London
Headlines in this article
Related news and insights
Publications: 27 March 2024
Increased Focus on Forced Labor in the U.S. and EU: Enforcement and Legislation
Publications: 21 March 2024
Publications: 28 February 2024
Diverse foreign investment landscape presents challenges for dealmakers
Publications: 28 February 2024
EU Foreign Subsidies Regulation increases M&A regulatory burden
The FCA on 8 March 2022 set out five areas that firms should be watchful of following Russia’s invasion of Ukraine.
- Cybersecurity: firms should review the NCSC’s guidance, and consider their ability, as well as that of third-party providers, to withstand a cyber-attack. Appropriate steps should be taken to strengthen security controls, improve staff knowledge and awareness, and review third-party dependencies, alongside ensuring personnel levels are adequate to address increased cyber risk.
- Important business services: the impacts of sanctions (UK/US/EU) should be reviewed to ensure they do not impact a firm’s ability, or the ability of their third-party providers, to continue to deliver important business services.
- Business continuity and incident management arrangements: firms should ensure formal business continuity and incident management plans and processes exist and are updated, and that responses are comprehensive and coordinated to allow for the firm to continue to meet regulatory obligations should an unexpected event materialise.
- Reporting incidents: the FCA have emphasised that quick notification of cyber incidents or outages to the FCA and other UK authorities is extremely valuable during this period, not least to enable them to provide input and mitigate the risk of harm whether to individual consumers or the sector as a whole. The FCA reminds firms to report material operational incidents to the FCA in “a timely way”.
- False information: firms should be vigilant of false information that may be circulated during times of unrest, and have a clear and concise response plan readily available to help prevent harm to consumers or market integrity.
The complete FCA publication can be found here.
How we can help
Across our international network, our operational and cyber risk experts can support you during these uncertain times. Please do get in touch with our A&O cybersecurity practitioners, and A&O regulatory consulting advisory practice to learn more about how we support our clients and how we can help you meet the FCA’s expectations during these uncertain times.