COVID-19: Pandemic Planning for Financial Service Providers

Now that COVID-19 has been declared a pandemic, we anticipate that most financial service providers (“Firms”) will have started to implement their pandemic plans.  Over the coming weeks and months these plans will need to be reviewed and adjusted as the pandemic evolves. This briefing outlines some of the key issues to consider from a regulatory perspective during this time as well as recent statements by regulators on COVID-19.

Pandemic Planning

Pandemic planning poses unique challenges in that a pandemic’s scale and scope tends to differ substantially from that of other types of disasters, malicious acts or terrorist events.  This means that pandemic plans need to be sufficiently flexible to effectively address a wide range of possible issues that could arise during the course of a pandemic and be capable of rapid readjustment.  However, Firms also need to continue to comply with regulatory requirements, including regarding governance, conduct of business risk, outsourcing and reporting.


Pandemics pose key problems from a staffing perspective as staff become ill or otherwise unavailable for work. This includes senior management and each Firm will need to ensure that it has identified in advance an individual who can take over the responsibilities of each of its key decision-makers at short notice. Given the indeterminate scale and nature of a pandemic, it would be advisable to ensure that succession planning is also in place for that individual.

Compliance with fitness and probity requirements may become an issue during the course of a pandemic, particularly as regards pre-approval controlled functions (“PCFs”). In this respect, it is useful to note that it is possible to permit a person to perform a PCF role on a temporary basis. However, according to the Central Bank of Ireland's ("Central Bank's") Fitness and Probity Guidance, this should only be relied on in truly exceptional circumstances.

More broadly, a Firm will need to ensure that it can continue to perform critical operations in the event that large numbers of staff are unavailable for prolonged periods.  All staff will need to know what is expected of them, how they should prepare and how they will be communicated with during the course of the pandemic.  For further information on dealing with employees, please see our related briefing here.

Conduct of Business

Conduct of business risk can be broadly defined as any action of a Firm or individual that leads to customer detriment, or has an adverse effect on market stability or effective competition.  It has been a key area of focus for the Central Bank for some time and the Central Bank expects each Firm to ensure that its decisions lead to good outcomes for customers as well as for the markets as a whole.

During stressful times it could be easy to lose focus on conduct of business risk and decision-makers need to ensure that the customer remains front and centre of their pandemic decision making. In addition, each Firm will need to ensure that it communicates effectively with its customers (and counterparties) on how they are likely to be impacted by the pandemic, for example regarding changes in service levels such as business hours and response times or in contact details.

We are already seeing a number of customer focused decisions on the market as a number of the retail banks have recently announced that they will offer mortgage and loan repayment deferrals to customers affected by COVID-19.

Outsourced Functions

The Central Bank expects a Firm that has outsourced functions to have a business continuity process in place, to mitigate potential risks of financial instability and consumer detriment.

Each Firm will need to ensure that its outsourced service providers can continue to perform its outsourced functions. This should include evaluating the business continuity plans of critical service providers and monitoring those providers throughout the course of the pandemic to ensure that critical services are available. A Firm will also need to keep its exit strategies under review in response to evolving developments.

Fundamentally, a Firm must ensure that it maintains clear and effective communication lines with its outsourced service providers so that each is aware of ongoing developments and their potential impact on the Firm’s critical services.  A Firm may also need to consider outsourcing additional functions in the event that it is no longer able to perform those functions itself. Firms may also wish to consider developing coalitions with outside parties in order to provide support and maintenance for vital services and to coordinate information sharing efforts.  


Firms will need to maintain open lines of communication with the Central Bank throughout the course of the pandemic. We expect that the Central Bank may ask to see a Firm’s pandemic management contingency plan or ask for information as to its content. Firms will need to be prepared for such requests as the response time-frame could be very short. 

As set out in more detail below, to-date, regulators have issued a number of statements regarding COVID-19 and we expect that these will be followed by further statements in due course. Firms will need to ensure that they keep abreast of any updates regarding regulatory expectations.

Regulators' Statements

A number of regulators have issued communications regarding COVID-19, including the following:

The Central Bank

According to a statement published by the Central Bank on 4 March 2020 (here), it expects regulated firms to have appropriate contingency plans in place to be able to deal with major operational events, and it is working with the financial sector to ensure that firms are responding effectively to the evolving situation.

The European Central Bank - Banking Supervision (ECB-BS)

On 12 March 2020, ECB-BS announced a number of measures designed to provide banks directly supervised by ECB-BS with temporary capital and operational relief in reaction to COVID-19 (here). These include allowing banks to use capital and liquidity buffers fully and to partially use capital instruments that do not qualify as Common Equity Tier 1 capital to meet Pillar 2 Requirements (for example Additional Tier 1 or Tier 2 instruments).

ECB-BS is also discussing with banks individual measures, such as adjusting timetables, processes and deadlines. For example, ECB-BS will consider rescheduling on-site inspections and extending deadlines for the implementation of remediation actions stemming from recent on-site inspections and internal model investigations. ECB-BS is also considering extending deadlines for certain non-critical supervisory measures and data requests.

These actions follow a letter sent by ECB-BS, on 3 March 2020, to all significant banks to remind them of the critical need to consider and address the risk of a pandemic in their contingency strategies. Banks were asked to review their business continuity plans and consider what actions could be taken to enhance preparedness to minimise the potential adverse effects of the spread of COVID-19. ECB-BS will engage with banks to ensure the continuity of their critical functions. The letter can be accessed at the link above.

European Banking Authority (EBA)

The EBA published a statement on actions to mitigate the impact of COVID-19 on the EU banking sector on 11 March 2020 (here). Significantly, according to the EBA’s statement:

  • the EU-wide stress test exercise is postponed to 2021 to allow banks to prioritise operational continuity, including customer support. For 2020 the EBA will carry out an additional EU-wide transparency exercise in order to provide updated information on banks’ exposures and asset quality to market participants;
  • Competent authorities (including the Central Bank) should plan supervisory activities, including on-site inspections, in a pragmatic and flexible way and possibly postpone those deemed non-essential. Competent Authorities could also give banks some leeway in the remittance dates for some areas of supervisory reporting.
  • Competent Authorities should make full use of the flexibility already embedded in the regulatory framework. The ECB-BS decision to allow banks to cover Pillar 2 requirements with capital instruments other than common equity tier 1 (CET1) is an example.

European Securities and Markets Authority (ESMA)

On 11 March 2020, ESMA recommended a number of actions by financial markets participants for COVID-19 impact (here), as follows:

  • Business Continuity Planning: all financial market participants, including infrastructures, should be ready to apply their contingency plans, including deployment of business continuity measures, to ensure operational continuity in line with regulatory obligations;
  • Market Disclosure: issuers should disclose as soon as possible any relevant significant information concerning the impacts of COVID-19 on their fundamentals, prospectus or financial situations in accordance with their transparency obligations under the Market Abuse Regulation.
  • Financial Reporting: issuers should provide transparency on the actual and potential impacts of COVID-19 in their 2019 year-end financial report if these have not been finalised, or otherwise in their interim financial reporting disclosures.
  • Fund Management: asset managers should continue to apply the requirements on risk mitigation and react accordingly.

What's Next?

The next few months are likely to present a number of challenges for Firms, some of which can be foreseen and others which cannot.  McCann FitzGerald stands ready to help Firms in their pandemic planning and can offer assistance across the full spectrum of activities, including governance and oversight arrangements, employment, third party relationships, monitoring the latest regulatory developments and dealing with information requests from regulators.

This document has been prepared by McCann FitzGerald LLP for general guidance only and should not be regarded as a substitute for professional advice. Such advice should always be taken before acting on any of the matters discussed.