A Board-Level Problem: Why Operational Resilience Has Become a Defining Accountability Issue in Financial Services and Insurance
Citrix, Tuesday, June 2nd, 2026
Operational resilience has become a board-level accountability issue for financial institutions facing new regulatory requirements and workforce continuity challenges.
Financial services and insurance organizations now face regulatory pressure to demonstrate operational resilience far beyond traditional disaster recovery, with regulators like DORA, FFIEC, and NIS2 requiring proof of control during disruptions.
Modern institutions depend on complex chains of identity systems, cloud platforms, and legacy infrastructure, making them vulnerable when any single dependency fails, often leaving employees unable to work. Traditional approaches like cloud redundancy and zero trust security don't solve the core problem of maintaining employee access when identity or network services fail.
Citrix proposes an access-centric resilience model that maintains a separate, governed access layer independent of outage causes, allowing critical teams to continue working and providing regulatory evidence of controlled response.
Boards increasingly ask whether their institution can maintain operations if key infrastructure like identity providers went offline, and institutions unable to answer this question with confidence face growing operational and regulatory exposure.