Highlights and key components of the engagement
The situation presented, challenges and opportunities
Perenna are in the process of applying for a UK banking licence.
Firms that want to become banks in the UK must be authorised by the PRA and FCA.
To achieve this a firm needs to be well governed with solid foundations and be operationally resilient and ready to carry out the regulated activities applied for at the time of their authorisation. This entails having reliable and scalable processes across all relevant areas including technology, information security and third-party management delivering resilience.
In the first quarter of 2021, the regulators also issued their policy statements on Operational Resilience. These require banks and other relevant institutions to prevent disruption to systems occurring to the extent practicable; adapt systems and processes to continue to provide services and functions in the event of an incident; return to normal running promptly when a disruption is over; and to learn and evolve from both incidents and near misses.
Game Plan Development
Strategic direction and recommended approach
To build a robust policy framework, processes and systems to meet business and regulatory requirements and tight deadlines across a number of areas.
Xcina Consulting conducted multiple workstreams for this new applicant to the UK banking sector assisting them in meeting their regulatory as well as business requirements, as part of the process of building a resilient organisation and robust processes and systems which can be trusted. Perenna wanted to set high internal standards to ensure they will be resilient when they attain their licence and start interacting with customers.
How we arrived at the solution
Xcina Consulting designed, planned and executed a programme of work to support Perenna in meeting the regulators’ latest operational resilience requirements as well as establish an effective Business Continuity Management System aligned to the ISO22301 international standard.
The principal workstreams covered:
1. Establishing the firm’s Information Security Management System (aligned to the ISO27001 standard).
2. Setting up its IT Service Management System aligned to the ITIL and ISO20000 standards.
3. Delivering its Outsourcing and Third-Party Management framework in line with PRA, European Banking Association (EBA) and business requirements.
4. Conducting a full Business Impact Analysis across all business functions with the teams at Perenna.
5. Documenting the Business Continuity Policy and Strategy.
6. Documenting relevant Business Continuity Plans.
7. Identifying and mapping the Important Business Services to be managed within their established impact tolerances.
8. Carrying out Due Diligence on critical third-party providers.
Xcina acted as an extension of the Perenna team and supported them with documenting their strategy for the above.
Results and Outcome
The value created and benefits to the business in terms of improvements rolled out and the impact of them (business growth and position in the sector)
All of the above workstreams were completed within the agreed timescales as well as within budget and fully met and exceeded Perenna’s expectations. The work with Perenna was very collaborative, prompting interesting debates about how best to meet and exceed regulatory expectations. There was clearly an interest from Colin and the team in finding the best solutions rather than just leaving it to Xcina – it was and remains a very close working relationship. We felt part of the team, immersed in the business and not like an outsider.
Some of the work we undertook centred around new and evolving regulations, and one of the advantages of a new firm is that they can start with those standards, there was no adaptation or remediation work to get to the new standards, so the process was very efficient. The work that Perenna has done will put it in a strong position with its peers.
Colin Bell, COO & Co-Founder at Perenna
Senior Director and Regulatory
Speak to me directly by Email, or
Telephone:+44 (0)20 3745 7826