Whether you’re a new RIA who is just getting started on a Business Continuity Plan (BCP) or you already have one in place but want to be sure you’re following all the best practices, the FINRA Small Firm Business Continuity Plan is a good place to start. You should check out the site regularly for ongoing updates, but at the time of writing, the current template covers the critical components of a BCP.
- Emergency contact persons
- Firm’s policy for business continuity
- Description of your business
- Locations including alternative locations for employees
- Details on your customers’ access to funds and securities
- Details of your data back-up and recovery
- Your procedures for financial and operational assessments
- Description of your mission critical systems
- Your alternate means of communication with your customers, employees, and regulators
- How you’ll identify impacts on critical business constituents, banks, and counter-parties
- Your regulatory reporting process
- How you disclose your BCP to your customers
- Details of your BCP annual review and updates
This template is meant to be a guideline and not an exact fit for every RIA. You should consult with your IT services provider to confirm if your BCP meets your needs. You should also update your BCP on a regular basis as your firm changes.
If you find yourself concerned about any of the following, you may want to revisit your BCP soon.
- You’re not sure if your backup and recovery is sufficient and if it’s tested regularly.
- Your staff isn’t trained or prepared in the event of accidental deletion or corruption of your data.
- You don’t know how much data loss or downtime you can withstand in the event of a cyberattack.
- You’re unclear about your cyber security and your vulnerability to a cyberattack.
If you need help with your BCP, check out the business continuity services we provide to our RIA clients.
Here’s the direct link to the FINRA Small Firm Business Continuity Plan Template