Regulatory Wrap Episode #47: Learning from the CrowdStrike Outage
In Regulatory Wrap for the week to November 8, Jennie Clarke explores regulatory stances on operational resilience, especially in light of the CrowdStrike incident in July.
What does the CrowdStrike outage teach us about operational resilience?
The historic IT outage that affected 8.5 million Microsoft Windows devices is a cautionary tale about the need for stringent operational resilience testing and planning, especially as regulatory expectations continue to rise.
Getting priorities straight – Key takeaways from the SEC’s 2025 Examination Priorities
The SEC’s 2025 Examination Priorities continue trends seen throughout 2024. However, in line with developing interest areas, there is an increased weight placed on topics like AI and operational resilience.
Non-financial risks
For some compliance officers, risks are like heavy and dark clouds waiting to rain on the business. While some risks may never occur, it’s their responsibility to ensure you pack-a-mac, and put a plan together if the rain comes down.
Stand the resilience test – OSFI adds to the operational resilience conversation
In line with measures other regulators have taken, OSFI released its final Guideline E-21 on operational risk and resilience, which outlines expectations for firms to prepare for and respond to disruptive events that could affect business operations.
Now you see it, now you don’t – How to overcome the compliance risks of ephemeral messages to meet DOJ guidance
The Department of Justice (DOJ) has made it clear that it expects organizations to have plans in place to manage the increased use of disappearing messages. We explore the compliance implications of ephemeral messaging and set out five key steps to both mitigate risk and meet DOJ obligations.
Down, not out – What happens when service providers go dark?
The recent CrowdStrike outage affecting over 8.5 million Microsoft Windows devices and causing worldwide disruption has raised questions around how firms can ensure their operational resilience can withstand critical service providers ‘going dark’.
Compliance & Conversation: Exploring DORA
On 3 July, 2024, we were joined by compliance and surveillance experts for our Compliance & Conversation event. Bradley Rice, Partner, Financial Services Regulation at Ashurst, explored the potential impacts of upcoming EU operational resilience legislation – DORA.
On Demand: Compliance & Conversation – Exploring DORA
Watch on-demand and learn what the EU's Digital Operational Resilience Act (DORA) means for the financial services space.
Regulatory Wrap Episode 30: The FCA’s Operational Resilience Insights
In Regulatory Wrap for the week to May 31, Jennie Clarke discusses the theme of operational resilience, specifically reviewing the focal points the FCA highlighted in its operational resilience insights.