Business continuity for the banking and financial services sectorBanks and financial services firms in Switzerland are regulated by
FINMA, the Swiss Financial Markets Supervisory Authority. Are you confident that your business meets all FINMA's business continuity requirements? These stipulate that banks and financial services must ensure the following:
- Data back-up and recovery (hard copy and electronic) – banks must be able to identify the location of primary books and records (hard copy and electronic) and the location of back-up records. In addition, banks and financial services firms must be prepared to describe how they back up data, as well as how they will recover data in the devent of a significant business disruption.
- All mission-critical systems need to have proven disaster recovery capabilities and resilience measures in order to claim (and substantiate) high availability. This relates to all bank systems necessary to ensure prompt and accurate processing of securities transactions, including order taking, order entry, execution, comparison, allocation, clearance and settlement of securities transactions, the maintenance of customer accounts, access to customer accounts and the delivery of funds and securities.
- Financial and operational assessments – banks and financial services firms must have written procedures that allow them to identify changes in its operational, financial, and credit risk exposures. Operational risk focuses on the firm's ability to maintain communications with customers and to retrieve key activity records through its mission critical systems. Financial risk relates to the firm's ability to continue to generate revenue and to retain or obtain adequate financing and sufficient equity. Firms may also face credit risk –for example, where its investments may erode from the lack of liquidity in the broader market – which would also hinder the ability of the firm's counter-parties to fulfil their obligations.
- Alternative communications between customers and the firm – a backup method of communication that a bank or financial services firm can use to communicate with its customers in the event of a significant business disruption.
- Alternative methods of communication between the firm and its employees.
- Alternate workspace for employees – an alternative place of work (commonly a purpose-built workplace recovery centre) must be designated for employees including key personnel who have been tasked in the bank's business continuity plan with helping to recover business operations.
- Impact on stakeholders – banks and financial services firms must consider the effect a significant business disruption will have on a firm's relationship with its critical business constituents, other banks, and counter-parties – and how it will deal with those impacts.
- Regulatory reporting – as part of their business continuity provision banks and financial services firms must consider how they can continue to comply with regulatory reporting requirements in the event of a disruption.
- Communications with regulators – banks should plan how to communicate with regulators through whatever means are still available, including the designation of business continuity plan contacts with FINMA to assist in those communications.
- Give customers prompt access to their funds and securities – the business continuity plan should detail the measures the bank or financial services firm will use to make customer funds and securities available to customers in the event of a significant business disruption.
Resilience Guard's consultants can carry out an objective review of your firm's business continuity provision and flag any gaps to ensure you're following best practice. Drawing on decades of experience, we'll advise how best to ensure uninterrupted operations, good customer service
and comply with regulatory requirements.
Contact us to discuss how we could help your organisation.