More than two-thirds of critical operations have been mapped and about half of scenario testing completed.
For most, the midsummer IT crash prompted by Crowdstrike has faded into the deep, forgotten mists of our socially media-frenzied brains.
Yet the memory of the magnitude of the worldwide disruption more than likely festers in the minds of operational resilience specialists everywhere, and a banking regulator here or there.
Far-reaching Consequences
As an example of the latter, HKMA executive director Carmen Chu used it to reinforce the «far-reaching consequences» of our tech-heavy, interconnected world during opening remarks on Monday at an industry-sharing session between the regulator and the Hong Kong Association of Banks (HKAB).
«While the impact of the incident was limited for banks in Hong Kong, it does serve as a wake-up call for banks to promptly implement robust frameworks that enable the continuation of critical operations even in severe but plausible scenarios,» she indicated.
Final 2026 Deadline
She discussed the progress local banks had made towards becoming operationally resilient under the Basel Committee for Banking Supervision rules under which institutions needed to have a framework developed by May of last year, with full resilience expected by the slated final May 2026 deadline.
According to her, all banks had developed the relevant frameworks, and that certain major banks had tightened tolerance limits related to potential disruptions as a result of the HKMA’s feedback.
Significant Progress
Chu went on to discuss the current phase of the rollout, which involves mapping and scenario testing.
Here she maintained that about 70 percent of all critical operations have been mapped at the major institutions, with about 50 percent of scenario testing completed.
No Simple Task
«We appreciate that mapping and testing are not simple tasks. The increasing complexity of banking operations underlined by multiple dependencies would require a sophisticated GPS on top of a traditional map,» Chu stated.
