By Jennifer Stadler, CPP, CCE
SVP, Marketing, Strategy, and Communications, PaymentsFirst
The United States is prone to its share of disasters. Depending on where your financial institution is located, wildfires, tsunamis, hurricanes, earthquakes, droughts, floods, landslides, tornadoes, lightning, riots, cybersecurity risks, medical emergencies, and economic crises can create havoc on society. Historically people within their community look to their financial institutions for assistance, guidance, and direction.
The FFIEC Guidelines require financial institutions to implement a solid business continuity management program, which includes an effective Business Continuity Plan. Not only do customers look to their financial institutions, but regulators expect financial institutions to implement and have a solid, reliable Business Continuity Plan in place.
Many financial institutions throughout the United States found themselves without a solid contingency plan in 2020. Working in a remote environment for many businesses was a process felt to be a struggle. The past few years have taught us the importance of a solid business continuity plan. Is your financial institution ready to take on the challenges of any disaster in any form, robbery, power outages, pandemics, or data breaches?
The purpose of a Business Continuity Plan is to focus on a subset of operational risk factors, identifying, assessing, and reducing risk to an acceptable level through the development, implementation, and maintenance of a written, enterprise-wide business continuity plan.
Business Continuity Plan Example:
- Procedures in place for continuity teams
- Contact list of critical employees
- The process to communicate with internal and external stakeholders
- Understanding critical vs noncritical functions and processes
- Relocation strategy and planned unanticipated expenses
- Business Impact Analysis and Risk Assessment are needed
A solid contingency plan provides simplicity for any team member to know exactly what process to follow when urgency strikes. The value of a detailed plan is imperative to help protect your organization and assist your team members to navigate through a crisis successfully. If your organization has a solid contingency plan, are you testing regularly? Does your team know where the plan is in the case of an emergency? Is your team trained on the plan and informed of changes and their responsibilities? If a disaster occurs, can your team access the plan easily? Does your plan include a method of communication with your customers/members?
Management, while using
a business impact analysis and risk management processes to identify and monitor risks, should focus on risk mitigation avoidance and acceptance strategies. When disaster strikes, it is important to lean on the multiple resources available to your organization. Not only will your Payment Association be an asset, but the Federal Reserve Bank, FFIEC, IRS, FEMA, Red Cross, and many others have valuable information to help your community prepare and get through a disaster. The Payment Associations represent a group of hard-working payment experts dedicated to assisting financial institutions through business continuity planning education, consultative audits, and risk assessments, providing guidance through various payment rules and regulations. Our teams, depending on your location, are ready to help you prepare, implement a plan, and guide your organization through a recovery effort when needed.