2022-09-27

Regulations amending Finansinspektionen’s rules on operational risk management (FFFS 2021:22)

Finansinspektionen amended its regulations and general guidelines (FFFS 2014:4) to update the management of operational risks for banking companies, investment firms, and clearing undertakings. The revision introduces specific definitions for key terms including contingency plans, incidents, continuity plans, and recovery plans to align with EU regulatory standards. These changes apply at the group level and entered into force on 07 July 2021.

Sweden

Finansinspektionen

Finansinspektionen’s Regulatory Code

Publisher: Chief Legal Counsel Eric Leijonram, Finansinspektionen, Sweden, www.fi.se
ISSN 1102-7460

This translation is furnished solely for information purposes. Only the printed version of the regulation in Swedish applies for the application of the law.

Regulations amending Finansinspektionen’s regulations and general guidelines (FFFS 2014:4) regarding the management of operational risks;

decided on 22 June 2021.

Finansinspektionen prescribes pursuant to Chapter 6, section 1, points 9–13 of the Securities Market Ordinance (2007:572) and Chapter 5, section 2, point 5 of the Banking and Financing Business Ordinance (2004:329) that Chapter 1, sections 2 and 5 of Finansinspektionen’s regulations and general guidelines (FFFS 2014:4) regarding the management of operational risks shall have the following wording.

Chapter 1

Section 2 These regulations apply to

  1. banking companies,
  2. savings banks,
  3. members’ banks,
  4. credit market companies,
  5. credit market associations,
  6. investment firms as referred to in Chapter 1, section 2, first paragraph, point 7 c–f of the Credit Institutions and Investment Firms (Special Supervision) Act (2014:968), and
  7. undertakings with authorisation to conduct clearing operations in accordance with Chapter 19 of the Securities Market Act (2007:528).

The regulations, in accordance with Chapter 3, section 4 of the Special Supervision of Credit Institutions and Investment Firms Act (2014:968), shall be applied at group or subgroup level.

For an undertaking referred to in the first paragraph, point 7, the regulations apply only to the undertaking’s organisation, processes and personnel for managing IT systems (IT operations).

FFFS 2021:22 Published on 30 June 2021

Section 5 In these regulations and general guidelines, the same definitions are used as in Chapter 1, Section 3 of Finansinspektionen’s Regulations and General Guidelines (FFFS 2014:1) regarding governance, risk management and control at credit institutions and Finansinspektionen’s Regulations (FFFS 2007:16) governing investment services and activities, unless otherwise stated in the regulations. In addition, the following definitions apply:

  1. contingency plan: a plan describing the measures that an undertaking is to take to deal with serious and extensive interruptions, disruptions or crises,
  2. incident: an event that has or is at risk of having an adverse effect on the undertaking’s operations, assets or reputation,
  3. continuity plan: a plan describing how operations are to be maintained in the event of an interruption or a major operational disruption,
  4. operational risk: the same as in Article 4(1)(52) of Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and amending Regulation (EU) No 648/2012,
  5. process: a chain of consecutive activities that produces a result based on a certain input of resources, and
  6. recovery plan: a plan describing the priorities and procedures according to which an undertaking shall revert to normal operations following an interruption or major operational disruption.

These regulations shall enter into force on 07 July 2021.

ERIK THEDÉEN

Kristina Wollter