Managing agents should maintain robust and resilient operations, embedding cyber resilience and effective third-party risk management.
To support this, managing agents should:
Managing agents should maintain robust and resilient operations, embedding cyber resilience and effective third-party risk management.
To support this, managing agents should:
Prioritise resilience of the most important services; embedding appropriate governance for operational resilience into their businesses and prioritising recovery of important business services within identified and tested impact tolerances
Invest in their operational resilience, including their control environments, so that the risk of a future event causing harm to customers or threatening the business’ viability is mitigated
Embed cyber resilience into operations; protecting their information systems, processes, people and data from external or internal compromise to prevent harm to customers, loss of data, contagion and/or reputational damage to the wider Lloyd’s market
The Market Operational Resilience Framework is intended to provide guidance to managing agents and other market participants on how to respond to outages and incidents that require collaboration as well as high level of summaries of centrally coordinated activities.
In the event of disruption to DXC or Lloyd’s STFO the following guidance should be referred to when coordinating settlement processes.
Managing Agents are required to report any breach of impact tolerances to Lloyd’s formally through this Impact Tolerance Breach reporting template. Any breaches of impact tolerances across the market are considered as part of Lloyd’s risk appetite, and Lloyd’s will need this information to accurately report to regulators in its performance relative to appetite. The form can be completed by anyone qualified to do so but should be approved by whomever is responsible for Operational Resilience at the Managing Agent reporting the Impact Tolerance Breach. Please send any completed forms to OpRiskMailbox@lloyds.com.
The Maturity Matrix for Operational Resilience is available within the Principles and Maturity Matrix document, which can be found on our Principles for doing business at Lloyd’s page.