Skip to main content
Version date: 4 December 2023 - onwards

2.4. Proportionality

The failure or disruption of a critical service may have a greater impact on financial stability if it affects larger, more complex financial institutions, which may in turn warrant stricter regulatory expectations and more intensive supervision.

Consequently, the FSB developed the toolkit in a way that considers proportionality. Proportionality in the toolkit focuses primarily on how financial institutions' management of third-party risks may vary based on their business model, complexity, cross-border presence, function, risk profile, scale, structure and size. Some of the tools in Chapter 3 may be appropriate for large, complex financial institutions but disproportionate or unsuitable for small, less complex financial institutions. Thus, financial institutions with a smaller operational footprint and fewer resources may be subject to proportionate regulatory expectations in terms of how they manage third-party risks and other operational risks [For instance, Article 16 of the EU's Digital Operational Resilience Act (DORA) imposes simplified ICT risk management requirements on certain, in-scope small and non-interconnected financial institutions.], compared to larger or more complex institutions. The principle of proportionality applies to the use of the suggested tools in this report, and to the frequency and intensity of their use.