The regulatory environment in financial services has never been more robust as it relates to business continuity management practices. The Securities and Exchange Commission, The National Association of Securities Dealers, International Standards Organization, and Sarbanes Oxley all have specific implications to how companies address business continuity management, in the context of lessons learned from the financial crisis of the last several years.
The new regulations have set a higher standard for operational resiliency at financial organizations and mandate that senior management and the Board be involved strategically and tactically – to prevent worst-case operational and financial risk exposure, mitigate the impact of these risks, and recover in an orderly and predictable manner. Far-reaching judicial actions will be one of the legacies of the near-meltdown of this sector.
Financial services companies can expect investors, shareholders, regulators, legislatures, attorneys general, business partners – and even sovereign governments - to more aggressively inquire about their operational state of readiness and their plans for the recovery of essential functions after material disruptions. Enhanced service level agreements with customers will contractually obligate firms to more comprehensively address their operational risk profile.
- Increased regulatory attention from the SEC, NASD, ISO and compliance legislation
- “Backup to backup” testing (i.e., testing from recovered environments to business partners’ recovered environments)
- Shared recovery solutions/reciprocal agreements
- Geographic dispersion of intellectual capital
- Leveraging BCP budgets to address multiple business and technical needs (e.g., data backup/records management, system redundancy/performance management)
- Focus on pre-event risk minimization and post-event response strategies
- Organizational commitment to BCP and a well-defined risk management function
- Clearly defined incident/emergency management response strategies
- Emphasis on procedures for the electronic storage of vital records
- A robust technical recovery strategy; no single points of failure
- Contracting for business interruption and contingent business interruption insurance
- Greater appreciation for the disruptive impact from the financial services “supply chain”
Risk Solutions International develops business continuity, IT disaster recovery, and information security plans for banks, brokers, insurers, hedge funds, private equity firms and real estate investment trusts. We integrate sophisticated, intuitive planning tools that make business continuity a sustained practice.
For additional information on Risk Solutions International’s capabilities within the Financial Services & Insurance sectors, please contact Duane Lohn at firstname.lastname@example.org