Plan for the Worst, Regulators Advise

Several regulators, including the Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) issued advice on business continuity and disaster recovery planning. 

In the aftermath of Hurricane Sandy, which caused widespread damage to Northeastern states and closed U.S. equity and options markets for two days last October, several authorities issued an advisory encouraging firms to review their business continuity plans in order to improve responses to and reduce recovery time after significant large-scale events. The advisory followed a joint review by regulators, including the SEC’s Office of Compliance Inspections and Examinations (OCIE), and the Commodity Futures Trading Commission (CFTC)’s Division of Swap Dealer and Intermediary Oversight.

“Market reliability and resilience are vital to investors and to the fair and efficient operation of capital markets,” said Andrew Bowden, director of the OCIE. “In partnership with our fellow regulators at FINRA and the CFTC, we are sharing these lessons learned from Superstorm Sandy to help industry participants better prepare for future events that threaten to disrupt market operations.”

Grace Vogel, executive vice president of FINRA, noted that hurricane season is now underway. “With the problems from last year fresh in mind, we trust that our member firms will review their business continuity planning procedures against these best practices,” Vogel said.

The joint effort made it possible to leverage the experience of the entire industry to spread knowledge about best practices and identify areas that need improvement in order to help firms better prepare and be better able to respond to disasters, said Gary Barnett, director of the CFTC’s Division of Swap Dealer and Intermediary Oversight.

The advisory suggests effective practices in several areas:

  • Preparation for widespread disruption;
  • Planning for alternative locations;
  • Telecommunications services and technology;
  • Communication plans;
  • Regulatory and compliance considerations; and
  • Reviewing and testing.

A copy of the advisory can be downloaded here.