Resilience To Disruption Newsletter Article Website Banner

Resilience to disruption in the modern regulatory landscape

Business continuity is a major factor in minimising the risk of consumer harms. What lessons can SME brokers take from the regulator’s guidance to bigger players? 

It stands to reason that the Financial Conduct Authority (FCA) want firms to be resilient, and to stay in business so as to support customers and avoid market-harming failure events. And while there has been much focus from the regulator over the last two years on providing ‘fair value’, this does still allow for firms to make reasonable profits along the way. 

Resilience to disruption is implicit in the systems and controls outlined in SYSC. It is more explicit in the Consumer Duty guidance relating to customer support. 

In March 2025, the FCA and the Prudential Regulation Authority, the body which regulates banks and insurers, jointly issued new rules applicable to large firms, on resilience meant to minimise the risks of consumer harms through major failures.  

These rules are complex and detailed, and small to medium firms (and intermediaries generally, where they are “Core” SMCR firms), are out of scope.  

However, there are some useful pointers in the guidance to the big firms that brokers could benefit from. 

Business continuity planning is essential 

Like insurance, we hope never to have to use it, but all firms need some form of back-up plan in case a major disruption occurs. Not only will customers be affected but there are employees to consider and of course the business itself. Real-life scenarios should be considered to test any plans. 

Identify critical services

Understand what your important business services are – what is it you do that customers rely on, such that if it wasn’t there, they would suffer? A delegated authority from an insurer is one example, particularly if you handle and settle claims. 

Model the worst-case scenario 

Consider the impact of a service failure. How long could customers go before the lack of service becomes intolerable? What back-up options do you have? Can you recover the service within that downtime period? 

How do you monitor the availability of these services? What will tell you if something is wrong? You should not have to rely on customers complaining. 

Know your dependencies

Think about who you are dependent on – outsourced service providers for example. What service level agreements are in place? 

Keep an eye on the horizon

Do you assess the risks to your business generally? How does this activity feed into your resilience planning?  

While none of us can predict the future, it pays to consider what’s on the horizon: what, realistically, could cause you a loss of activity? 

Support from the Network  

Hedron’s Compliance Consultancy Team keeps a watch on regulatory developments, with the goal of providing constructive and practical guidance in advance of any changes that might affect the way brokers do business.  

Partner brokers can access templates on our Compliance Hub, including Business Continuity Policy and Plan, Third Party Management Policy and Procedure, and Risk Management Policy and Register. We can help with guidance on how to approach risk management. 

If you just want to talk through scenarios and implications for regulatory compliance, give us a call: 0330 175 6456, or email compliance.support@hedronnetwork.co.uk