Contact us
Contact us
Case study

Strengthening the Operational Resilience framework of a global insurer

Matt N
Lead partnerMatt Neill
Lead partnerMatt Neill

A global insurance firm identified significant shortcomings in their approach to Operational Resilience (OR) following a departmental performance review.

Collaboration between the OR team and business stakeholders had collapsed in key areas such as incident management, crisis management and business continuity planning, resulting in problems such as a near miss serious data breach by a software vendor onboarded with inadequate due diligence.

With stretched internal capacity, the firm sought to bring in external expertise. They needed experienced OR resource to quickly understand the landscape, identify gaps and plan remedial actions. BeyondFS were engaged due to our track record in shaping and implementing governance frameworks, and deep industry expertise of OR​

  • Industry segment

    Insurance

  • Function

    Operational Resilience

  • Core capabilities

    Operational Resilience

Key outcomes delivered

  • Eliminated Op Res remediation backlog by closing 50+ case

  • Reduced annual Op Res review cycle time by 50%, from 8 months to 4 months

  • Introduced best-practice third-party risk management, and halved the level of complexity in the crisis management framework

multi-ethnic-group-three-businesspeople-meeting-modern-office-two-women-caucasian-man-wearing-suit-looking-laptop-computer

Results

Cases closed

0

Eliminated Op Res remediation backlog by closing 50+ cases

reduction

0 %

Reduced annual Op Res review cycle time by 50%, from 8 months to 4 months

reduction

0 %

Introduced best-practice third-party risk management, and halved the level of complexity in the crisis management framework

Approach

Transformation of OR Practices and Third-Party Risk Management

  • Over a six-month period, the BeyondFS team provided assurance for the firm’s OR practices against regulatory requirements and industry best practice.
  • We reviewed current business processes through a fresh lens, identifying opportunities to improve speed and quality of service, including upgrades to supplier due diligence, enhancing business continuity plans, refreshing the incident management framework, and developing the Third-Party Risk Management (TPRM) delivery plan for the coming year.
  • As an example, the client’s overcomplicated 42-question Business Continuity supplier due diligence form was rarely completed correctly, and often not returned at all. BeyondFS streamlined this into a 12-question risk assessment and introduced clear criteria to guide onboarding decisions based on the responses.
  • Our understanding of the current state for 3rd Party Risk Management (TPRM) enabled us to propose a target TPRM framework and process flow aligned with the firm’s risk appetite.
Outcome

Streamlining Processes and Strengthening Governance for Global Compliance and Crisis Readiness

  • We closed over 50 risks identified for remediation, eliminating all backlog, and delivered nearly 100 new OR plans to serve 10 legal entities worldwide, incorporating lessons learned from action closures. This reduced the impact of regulatory and operational risks and mitigated any likelihood of regulatory intervention.
  • The OR annual review cycle time was reduced by 50% (from 8 to 4 months), thanks to new operating guidelines with clarity of ownership and governance procedures.
  • The number of teams and touchpoints in the Crisis Management escalation structure was halved, with one central team for rapid triage in the event of an incident. Decision-making was expedited and the potential for confusion was reduced due to a simplified Incident Response and Crisis Management Framework across policies, standards, plans and playbooks.
  • The client now has a target state TRPM framework, industry best practice TPRM due diligence, and a better governance structure for collaborative working and service delivery to business stakeholders.

“I would like to take this opportunity to personally thank you for the work you have done for me and the team. You have helped me immensely and made a real difference at a time when I was facing multiple challenges on different fronts, while simultaneously trying to improve our client engagement on Operational Resilience.”

Head of Operational Resillience