With Hurricane Florence barreling down on the east coast, it would be prudent for investment advisers across the country to take a step back and reexamine the measures they have put in place adequately address their needs in cases the worst should happen to them. What happens to your business should your primary place of business become uninhabitable? How would you ensure that your employees could continue to function? Most importantly, how would you safeguard your clients’ assets such a chaotic situation?
After Hurricane Harvey struck the Houston area in 2017, it became clear that many had failed to account for such a devastating scenario. The weak points in many advisers’ business continuity plans were exposed through a trial by fire, or in this case by water. Due to the heavy flooding in the Houston area, many advisers were unable to contact their clients and employees, conduct business from alternate locations, and many even lost crucial files necessary to quickly regain normal business functionality once the storm was over. Likely as a result of the failure of these prior plans, the SEC made business continuity plans one of their key exam priorities for 2018. So what plans should you have?
At a minimum, FINRA rule 4370 requires that a business continuity plan address:
- Data back-up and recovery (hard copy and electronic);
- All mission critical systems;
- Financial and operational assessments;
- Alternate communications between customers and the member;
- Alternate communications between the member and its employees;
- Alternate physical location of employees;
- Critical business constituent, bank, and counter-party impact;
- Regulatory reporting;
- Communications with regulators; and
- How the member will assure customers’ prompt access to their funds and securities in the event that the member determines that it is unable to continue its business.
One of the best ways to ensure a continuity of service and to safeguard your critical files is the use of cloud storage providers. The use of such a provider will allow you to access your mission critical files anywhere you have an internet connection. In addition, annual reviews and tests of your business continuity plan are vital to ensure that you are prepared for the worst-case scenario.
While you may or may not be in the path of Hurricane Florence, you never know when the next disaster will strike your area. Whether it is a hurricane, blizzard, or when a squirrel shuts down the NASDAQ (yes, that happened!), it is your responsibility to ensure that your clients are protected at all times. While you can never predict the time and place of the next disaster, you can, and must, prepare for it.
Sources:
https://www.sec.gov/about/offices/ocie/national-examination-program-priorities-2018.pdf
http://finra.complinet.com/en/display/display_main.html?rbid=2403&element_id=8625
About Red Oak Compliance Solutions
Red Oak Compliance Solutions is a leading provider of intelligent compliance software, offering a range of AI-powered solutions designed to help firms of all sizes successfully navigate the increasingly complex regulatory landscape. Our suite of 17(a)-4/WORM compliant features offer risk minimization, cost reduction, and process optimization capabilities with features that are designed to evolve with our client’s needs. Our flagship advertising review software enables firms to deliver compliant content to the market with confidence, faster. Our Disclosure Management and Intelligence solution simplifies the management of disclosures, while our Registration Management solution automates and streamlines the licensing and registration process, further enhancing your internal processes.