Financial Services Continuity
The Federal Government through Financial and other Regulatory Bodies requires Financial Services Continuity and Resilience through numerous rules, regulations and policy statements. This means that the Financial Services industry requires that banks, credit unions, brokerage firms, and others have business continuity and disaster recovery plans to ensure the availability and continuity of critical financial and other services.
While Financial Institutions may be impacted by incidents of power outages, natural disasters, cyber-attacks, terrorism, and other disruptions. Customers and federal regulators expect them to be able to continue their normal business operations and continue to provide financial services.
Keeping the financial institutions running and operational is done through the creation of Business Continuity, Crisis Management, and Disaster Recovery plans. Starting with Risk Assessments and Business Impact Analysis financial institutions assess the impact on their businesses and then begin selecting strategies to mitigate and create contingencies to keep their businesses available.
Here at the Erwood Group, we understand that financial Institutions are different in that they face some of the toughest regulations and compliance requirements than other industries. They are required to have minimal downtime and must capture every transaction and then retain that data by law.
Building strategies and plans alone are not enough to sustain operations. This is where we at Erwood Group assist Financial Institutions to build Resilience and Operational Endurance™ through our continuous improvement methodology and system of Learn, Practice, Implement, Challenge™.
What is the Difference Between Resilience and Operational Endurance™
Resilience is the ability to bounce back from adversity. It’s about being flexible, adaptable, and able to recover quickly from setbacks. Endurance is the ability to keep going, even when things are tough. It’s about having the stamina and perseverance to see things through to the end.
So how can you build resilience and Operational Endurance™ into your Financial Institution?
Here are a few tips:
- Develop a Crisis Management Plan: Create a plan that outlines how your business will prepare, respond, manage and recover from different types of crises. This plan should include procedures for communication, evacuation, and business continuity.
- Test your Plans through thorough exercises to make certain it works noting gaps and holes and creating additional strategies and contingencies to overcome obstacles and shortfalls.
- Train staff through these exercises. But exercises alone are not enough. Hold meetings and team discussions, smaller exercises and drills around strategies, response capabilities, supply shortages, staff shortages, etc.
- Develop strong business continuity plans for critical core financial institutional functions and processes. Ensure that staff knows workarounds and strategies when processes and functions must rely on tasks outside of their ‘normal’ methods.
- Develop robust IT Disaster Recovery (DR) plans and strategies along with solid backup to prevent crippling cyber-attacks and outages.
- Ensure backup power strategies are in place and tested often. Financial Institutions rely heavily on electricity for computer equipment and other critical systems. Having backup power systems in place, such as generators, is essential. Be certain to know how you’ll resupply fuel needs as well as generator run time.
- Maintain communications by having multiple methods and types of communication ready for when normal communication methods are down. This includes, but is not limited to satellite phones, handheld radios, paper forms, and even runners to distribute communications to ensure they can communicate with staff and customers as needed.
- Implement, manage and control a robust and secure supply chain. Ensure that secondary and tertiary supply relationships are developed and maintained. Make plans for finding ways to obtain new suppliers as needed and to find ways to manage with no new supplies coming in for an extended period.
- Coordinate and work closely with local emergency services such as police, fire and Emergency Medical Services where it makes sense.
By taking the steps mentioned above, banks, credit unions, brokerage firms and others can ensure they are well-prepared to continue providing financial services after a disaster. While disasters can be challenging, with the right preparation and planning, financial service businesses can help ensure the safety and well-being of their staff, and the ability to provide their financial services even in the most adverse conditions.
At Erwood Group we are ready to assist financial services in creating, maintaining and enhancing emergency plans, crisis management planning, business continuity planning and disaster recovery planning to ensure their resilience and Operational Endurance™.
Need help to prepare your bank, credit union, or brokerage?
Whether you run or are responsible for a local, regional, or national bank, credit union, or just one brokerage or office we have the experience to assist you in rapidly developing, implementing, and enhancing new or existing plans for your Operational Endurance™.
Additionally, with our experience in the financial industry if you operate any type of financial industry office we can help you with your business preparedness, Readiness Capability™, emergency planning, crisis management, business continuity, IT disaster recovery, data backup, cybersecurity, and other areas of concern.
- Credit unions
- Brokerage Firms
- CPA & Accounting Firms
- Mortgage Company
- Title Company
- Financial Planer
Contact us and set up your Free Initial Consultation.
Regulations And Compliance
There exist many regulatory and compliance rules that impact Financial Services and other industries. Below are just some of these Applicable Rules.
Rules that the financial industry is subject to in this area:
FFIEC Business Continuity Management Booklet: The Business Continuity Management (BCM) booklet is one in a series of booklets that comprise the Federal Financial Institutions Examination Council (FFIEC) Information Technology (IT) Examination Handbook which reflects customer and industry expectations for the resilience of operations.
View the FFIEC Business Continuity Management Booklet for further information.
Applies To: U.S. Banks and Service Providers, Credit Unions
Financial Industry Regulatory Authority (FINRA) Rule 4370: This requires each firm to create and maintain written Business Continuity Plans (BCPs), conduct annual reviews of its BCP and must meet minimum requirements. In addition to an annual review, your firm must update its BCP in the event of any material change to your firm’s operations, structure, business, or location.
View FINRA Rule 4370 for additional information.
Applies To: All FINRA members
NCUA Letter to Credit Unions: Stating with NCUA 97-CU-03 of April 1997 Coporate (sic) Business Resumption And Contingency Planning and continuing with NCUA 01-CU-21 Disaster Recovery and Business Resumption Contingency Plans, and others. The National Credit Union Administration (NCUA) also recommends that members reference the FFIEC Business Continuity Management Booklet.
Applies To: Credit Unions
FDIC: Sound Practices to Strengthen Operational Resilience FIL-103-2020: Issued by the Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System, and the Federal Deposit Insurance Corporation.
Applies To: Individual national banks, state member banks, state nonmember banks, savings associations, U.S. bank holding companies, and savings and loan holding companies that have average total consolidated assets greater than or equal to (a) $250 billion or (b) $100 billion and have $75 billion or more in average cross-jurisdictional activity, average weighted short-term wholesale funding, average nonbank assets, or average off-balance-sheet exposure.
Applies To: large and complex domestic firms.
Investment Advisers Act Of 1940 – Rules and Regulations Proposed Rule Change – 17 CFR 275: SEC proposed a rule to require registered investment advisers to adopt and implement written business continuity and transition plans. The proposed rule is designed to ensure that investment advisers have plans in place to address operational and other risks related to a significant disruption in the adviser’s operations to minimize client and investor harm.
Applies To: U.S. securities broker-dealers.
NYSE Rule 446/NASD 3510/3520: SEC Approved rule established in 2004 requires members to establish and maintain business continuity strategies and plans relating to an emergency or a significant business disruption. It also requires that members’ plans be reasonably designed to meet customer obligations.
Applies To: All members and member organizations of the NYSE or NASD.
Who it applies to: All members and member organizations of the NYSE or NASD.
Commodity Futures Trading Commission (CFTC) Rule 23.603: requires the establishment and maintenance of written business continuity and disaster recovery plans that will allow the Swap dealers (SDs) or Major Swap Participants (MSPs) to continue or resume operations by the next business day with minimal disruption to its counterparties and the market. It includes the recovery of all documentation and data required to be maintained by law.
Applies To: Swap dealers (SDs) and major swap participants (MSPs).
While Standards compliance is mandatory, we make it easy and efficient.