Close
operational resilience framework

Building an Operational Resilience Framework: Why Your Fund Administrator is Now a Due Diligence Question

As the prevailing market and geopolitical headwinds intensify, the onus is on asset managers to ensure that their operational resilience framework is fit for purpose. This means choosing a fund administrator that has the stability, scalability and infrastructure to navigate erratic market conditions and black swan events with confidence.

Key Takeaways

  • In today’s volatile environment, managers should choose service providers that prioritise resilience to support their fiduciary responsibilities.
  • As part of due diligence efforts, fund administrators should be assessed on cyber security controls, business continuity planning, technology infrastructure and third-party risk management.
  • Ireland offers asset managers a strong environment for fund administrator compliance, combining a stable, well-regulated jurisdiction with clear operational resilience expectations under DORA.

Why asset managers need an operational resilience framework

From rising geopolitical tensions, through to escalating market bubble fears and Artificial Intelligence (AI) induced cyber risks, the Central Bank of Ireland’s (CBI) latest Financial Stability Review presents a challenging outlook for asset managers.

Although a ceasefire agreement announced on 7 April 2026 marked an important step toward de-escalation in the Middle East, the conflict remains unresolved and uncertainty is still exceptionally high. The crisis has already triggered a major energy and trade shock, disrupting supply chains and raising inflationary pressures; risks that remain if hostilities intensify. 

The CBI noted that while the financial system and markets have so far been resilient, much depends on whether the conflict develops into a more prolonged period of instability. The CBI warned this could trigger multiple, pre-existing vulnerabilities across the financial system, including excessively high AI valuations combined with debt driven investments, exposures to the growing private credit market, and continuing liquidity mismatches and soaring leverage among certain non-bank institutions.  

These financial vulnerabilities are happening at a time when there is declining fiscal headroom across many governments, limiting their capacity to respond to external shocks.

Asset managers must brace themselves for other non-financial risks too.

The CBI highlighted that cyber-security risks are evolving fast, especially with the emergence of powerful AI tools. AI is fuelling a rise in social engineering attacks, prompt injections and data poisonings, whilst also making it easier for hackers to identify and exploit weaknesses in company operating systems.

The CBI’s concerns about cyber-crime are aligned with those of the wider industry. In its 2026 Systemic Risk Barometer, the Depository Trust & Clearing Corporation (DTCC) found that cyber risk was cited by 63% of respondents as a top 5 threat to the global financial system, ranking second only to geopolitical risk and trade tensions, which 78% of respondents placed in their top five.

What this means for fund administrator due diligence

In its paper, the CBI said that cyber-attacks can impact financial institutions both directly and indirectly, including through third-party service providers. This is something which asset managers will need to consider as part of fund administrator due diligence when selecting their partners.

The cost of getting fund administrator operational risk wrong

The risks of choosing the wrong administrator are stark for asset managers.

If an administrator lacks resilience, it may be unable to provide managers with timely portfolio or investor information during a crisis, increasing the risk of losses and reputational damage. Administrators with weak data management or fund administrator cyber-security controls are also more vulnerable to cyber-attacks, potentially exposing managers’ proprietary and sensitive information.

Institutional investors, such as pension plans and insurers, have made it clear that asset managers, even start-ups, should only work with high-calibre administrators. In today’s saturated market, investors will fail a manager on due diligence grounds if their fund administrator is not up to scratch, irrespective of performance track record.

A number of regulators, including the UK’s Financial Conduct Authority (FCA) have repeatedly told managers that while they can outsource critical activities, such as fund administration, to third parties, they cannot delegate the responsibility. Regulators are unlikely to be sympathetic where asset managers have externalised core functions to service providers who are not resilient, especially following the introduction of the Digital Operational Resilience Act (DORA).

Fund administrator due diligence: a resilience checklist for asset managers

No service provider is completely immune to these risks, but some are in a stronger position than others to manage them.

Larger providers are often better equipped than smaller firms to deal with crises, given their scalability, balance sheet strength, deep talent pools, extensive resources and global reach. For example, if, say, a natural disaster or nationwide power outage strikes (as it did in Spain and Portugal back in 2025), a well-established administrator operating across multiple markets can shift operations to other locations more easily than a single-country provider.

Administrators with robust technology systems are also well-placed.

Asset managers should therefore assess their administrators’ IT and technology infrastructure. This includes confirming that data and cyber-security governance is taken seriously and procedures are regularly stress tested, systems and software are kept up to date, and a robust administrator business continuity planning approach is in place.

Given the nature and volume of threats facing the funds industry nowadays, resilience at administrators has never been more important.

This is the standard JTC is built to meet. As a global fund administrator with a FTSE 250-listed parent and a presence across multiple jurisdictions, JTC combines the balance sheet strength and operational depth of scale with the technology infrastructure to back it up. Investran and the DDX portal give managers real-time, resilient access to portfolio and investor data, while business continuity and cyber governance are tested as a matter of course rather than reviewed only after an incident. For managers weighing up due diligence on a fund administrator, that combination of scale, technology and tested resilience is increasingly the deciding factor.

Why Ireland is well placed for fund Administrator regulatory compliance

Administrators operating out of well regulated, mature jurisdictions, are more likely to be prepared for crises. Ireland is not just politically and economically stable, its regulatory regime prioritises growth, innovation and safety in equal measure.

The CBI takes its commitment to operational resilience seriously, having implemented DORA and developed Cross Industry Guidance on Operational Resilience, a comprehensive framework outlining how firms should prepare for, respond to, recover from and learn from operational disruption. This gives asset managers a clearer regulatory backdrop for assessing administrator resilience and DORA compliance.

And finally, Ireland is also home to a large pool of industry talent, including leading administrators, lawyers and consultants who are well positioned to help asset managers get to grips with their operational resilience requirements.

The world is a volatile place right now, and given their fiduciary responsibilities, managers should only work with service providers who prioritise resilience. A considered operational resilience framework can help asset managers make that choice with greater confidence.

Strengthen your operational resilience framework

Speak to our experts in Ireland about our resilient fund administration, robust governance and the operational infrastructure that asset managers need to navigate disruption with confidence

Key contact

Strengthen your operational resilience framework

Speak to our experts in Ireland about our resilient fund administration, robust governance and the operational infrastructure that asset managers need to navigate disruption with confidence

Stay Connected

Stay up to date with expert insights, latest updates and exclusive content.

Let’s Bring Your Vision to Life

From 2,500 employee owners to 14,000+ clients, our journey is marked by stability and success.