LONDON, Oct 31 (Reuters) - Financial companies in
Britain must prepare to ensure they can deliver business
services in "severe but plausible" scenarios, such as a global
tech outage, to minimise any impact on consumers and markets,
the markets regulator said on Thursday.
In a statement outlining what lessons could be learned after
U.S. cybersecurity firm CrowdStrike's botched software update
caused global chaos in July, the Financial Conduct Authority
(FCA) said unregulated third-party problems were the leading
cause of operational incidents reported between 2022 and 2023.
CrowdStrike's popular core technology, the Falcon
platform, detects and responds to malicious threats. But an
outage on July 19 led to worldwide flight cancellations and hit
industries including banks, healthcare, media companies and
hotel chains.
The FCA, which checked in with firms over the incident to
understand its impact, said consumer harm had been minimal.
However, it said companies had until March 2025 to ensure they
could withstand such events.
It called on companies to consider a series of steps,
including ensuring that testing scenarios were adequate,
improving third-party risk controls and ensuring contracts
clearly set out responsibilities for service monitoring,
incident notification and updates during and after incidents.
"We encourage all firms, regardless of how they were
affected by the CrowdStrike incident, to consider these lessons,
to improve their ability to respond to and recover from future
disruptions," the FCA said.