At Compass 2023 – Fusion’s most important event of the year and the pinnacle of our ENGAGE customer program – numerous customers shared stories of how they’re navigating complex challenges in an era of constant disruption. During one of our customer-led sessions, “Enabling Resilience with Third-Party Risk Management”, Nazir Vellani, Vice President of Enterprise Resiliency at Fidelity Investments, depicted a fascinating journey to continuity and resilience at his organization – a journey that his organization has been able to successfully navigate in partnership with Fusion.
Nazir had previously worked in risk management in other industries, including retail, consumer products, and automotive. When he started his current job two decades ago, his specialty was in disaster recovery, but he stated that he’s always thought about risk management in terms of shock absorbers: expect shocks to occur and design your continuity and resilience programs in a way that allows you to absorb small shocks but also manage significant disruptions. An example that he referenced was that if you pick up a nail in your tire, you’d most likely be able to get to the next gas station in time for a repair – but if your tire blows out instead, your options are limited.
In a world where crises are continuously compounding, the question is: how do you prepare your organization for inevitable shocks and a potential blowout?
Start with executive buy-in – and lean on your vendors
Nazir explained that in his early days, disaster recovery meant “return to normalcy”. After the COVID-19 pandemic, it meant “return to a normalcy” – but not the one that we were all used to. As he noted, we now live in a “business unusual world” – and we shouldn’t expect that to change.
Nazir, as well as panelists from another customer-led session, shared that in order to navigate this new normal and begin the journey to business continuity and operational resilience, you need to get more than 80% of executive management involved. Top managers must clearly know what all needs to be done; that’s getting “buy-in”. But it also helps when you can get the entire enterprise involved because while a crisis might directly affect a smaller percentage of the organization, it ultimately impacts everyone.
As part of the discussion, our customer panelists explored the different definitions for enterprise resilience and operational resilience. They explained that enterprise resilience focuses on a holistic approach and helps prevent data silos from impeding an organizational view of risks, whereas operational resilience focuses on interrelated business functions that respond seamlessly, even under high-stress conditions. In either case, customers stated that an organization needs to know if it is leveraging its vendors to the fullest (including Fusion!). Risk practitioners are tasked with protecting their organization’s associates, employees, customers, assets, etc. – but they can’t do that alone, and they also can’t do it if they’re only using 30% of a vendor’s valuable solution. Be sure to ask your vendors for a report card so that you can understand if your organization is fully leveraging its trusted partners.
Ask the right questions to find the right path
During his session, Nazir recounted a story of when a past CEO mandated that they get rid of paper and move entirely to digital commerce – and so his journey to continuity and resilience had a new challenge! He worried that that approach wouldn’t work with some customers, vendors, and regulators and could result in potential risks like outages, losing customers for good, and regulatory fines. For example, what if some customers couldn’t perform testing or other basic functions as a result? As he explained, that’s when they realized that they needed to change their risk mindset from disaster recovery to business continuity. And as our panelists later noted, that’s where Fusion proves invaluable.
During his session, Nazir shared that Fusion project managers took a deep dive into the vulnerabilities that his organization was facing in switching from paper to digital commerce. “It was like turning a Rubik’s cube,” he said. What would happen if a vendor or customer went down? How far reaching of an impact would that have? And how long would it take to recover operations? While keeping those possibilities top of mind, Nazir, his team, and Fusion project managers also needed to connect the dots with the regulatory environment and demonstrate how the organization’s business continuity and operational resilience protocols worked, that they had sound policies, and that they had a clear plan in place to avoid failure. Having this type of proactive and dynamic plan in place also alleviated the fear of large fines – which several other prominent financial services firms have recently encountered.
By working closely with Fusion, Nazir was able to not only create a robust and successful continuity and resilience plan, but he was able to create multiple plans – one for each affected vendor or customer that outlined specific steps that each needed to take to ensure continuity of operations. As a result, his organization reduced its response time by 32% – and he was able to show the C-suite the exact cost to the organization. Rubik’s cube solved.
Did you miss Compass 2023? Reach out to the Fusion team to discuss takeaways from the event and learn how we can help on your journey to business continuity and operational resilience. Fusion customers can also access Compass session recordings directly on Fusion Central.