A fast-growing UK-based FinTech firm offers savings accounts, cryptocurrency accounts, domestic bill payment services, and services that allow customers to make payments in different currencies. A senior operations manager at the firm is developing a plan to comply with new UK regulatory requirements for operational resilience. Which of the following steps should the manager recommend that the firm take to best comply with the regulatory expectations in this area?