Financial Update (Fourth Quarter 2002)


Cover Story

New Atlanta Fed Chairman

Payment Study

High-Tech Stock Performance

Update Online

Board Appointees


Did You Know?

Data Bank

The Docket

Careful Contingency Planning Can Save the Day

Picture of stopwatch
Continuity focuses on “failover,” or continuing crucial business activities at an alternate site. The aftermath of Sept. 11 revealed which aspects of business continuity plans worked and which did not and highlighted needed changes.

By Lynn Woosley, senior financial analyst

Disasters come in varying shapes and sizes. Very few will be as devastating and far-reaching as the events of Sept. 11, 2001. Every financial institution, though, needs to be prepared for crisis management through careful contingency planning. A financial institution that can’t resume operations promptly in the event of a disaster may suffer damage to its reputation and customer recognition from failure to maintain customer services, protect the company assets, or meet legal or regulatory requirements. Quite simply, failure to make appropriate continuity plans puts an institution at risk.

Harsh realities
Continuity focuses on “failover,” or continuing crucial business activities at an alternate site. The aftermath of 9/11 revealed which aspects of business continuity plans worked and which did not and highlighted needed changes. For example, most pre-9/11 contingency plans for banks and market utilities focused on the loss of a single building or system. For convenience, some institutions had located their backup facilities near the primary site, and if the distance separating the two sites was inadequate, both were unusable. Some institutions had not considered the effect of significant transportation disruptions on their ability to move personnel to alternate locations. Others had not planned for long-term building inaccessibility.

In addition, some institutions underestimated the effects of geographic and market concentrations when planning redundancies for some of their vendors. Telecommunications backup was one such area. Many backups did not perform well because the alternate providers and routings traveled through common switching stations. And even institutions located far from New York discovered operational problems at their vendors and counterparties.

Many institutions found that their resumption plans were outdated, incomplete or inadequate. Some plans ignored the need to recover noncomputerized records. Some firms with sophisticated data backup routines had trouble with software or hardware incompatibility or inadequate systems or telecommunications. In some cases, managers did not have off-site copies of their recovery plans.

The best-laid plans
With the lessons of 9/11 in mind, many institutions are reassessing their contingency plans, and the financial industry has begun to share ideas on best practices, including the following:

  • Consider what type of business continuity plan is appropriate for each critical item. The traditional active-site/backup-site model for disaster recovery may not be appropriate for critical operations since data and personnel transportation may be an issue. Experience indicates that recovering critical real-time processing operations from backup tapes is not suitable for large institutions or for critical or high-volume processing activities. In general, the more automated the disaster recovery plan, the better it will function in times of stress and extreme conditions.
  • Set appropriate objectives for recovery time and capacity for critical operations and the necessary practices to achieve recovery goals. Institutions that had planned for same-business-day resumption of critical activities experienced better outcomes after 9/11.
  • Ensure that contingency planning scenarios are sufficiently broad. Planning should identify critical activities, processes, utilities, vendors and markets. Best practices include planning for regional disasters, which involves backup sites located outside the primary site’s region. Duplicating and dispersing both data and people, although costly, is the best way to ensure rapid recovery.
  • Plan for tertiary backup sites for critical operations in the event of long-term inaccessibility of the primary site.
  • Consider joint continuity testing with customers and counterparties. Whether alone or with counterparties, periodically conduct end-to-end testing of continuity plans, documenting test results and revising plans where needed.
  • Consider the time necessary to relocate staff and evacuate affected sites if security restrictions limit the ability to move staff to alternate sites or enter a facility. Also take into account employees’ abilities to perform as required by the plan; traumatized and stressed employees may be unable to do their best work.
  • Establish delegated authorities so employees can make necessary decisions to avoid business-resumption delays if key decision makers are unavailable.
  • Finally, remember the need to develop appropriate crisis coordination and communication plans for civil and regulatory authorities, stakeholder groups and the media.

Business continuity planning is not a “one-size-fits-all” endeavor. Smaller, less complex institutions may not need or be able to follow all of the best practices. Larger and more critical institutions may be held to a higher standard (see sidebar). The past year, however, has shown the need for all financial institutions to understand their business continuity needs and plan accordingly.

Practices That Keep the System Bouncing Back

The Board of Governors of the Federal Reserve System, along with other federal financial agencies, in August issued a draft white paper, “Sound Practices to Strengthen the Resilience of the U.S. Financial System.” The paper presents business continuity best practices for core clearing and settlement organizations and other firms that play significant roles in critical wholesale financial markets and large-value payment systems. Public comments on the paper were due in October.

As discussed in the paper, core clearing and settlement organizations are the large-value payment system operators and market utilities such as Fedwire, Bank of New York and JPMorgan Chase. For such firms, which play significant roles in critical financial markets, failure to perform critical activities by day’s end would pose a systemic risk to the financial system because of the firms’ size and volume of activities. The regulatory agencies believe these firms should meet a higher standard for continuity planning.

The paper identifies four sound practices to address the risks of wide-scale disruptions: (1) identifying all critical activities in support of critical markets; (2) determining recovery and resumption time objectives; (3) having backup arrangements with sufficient out-of-region staff, equipment and data to meet the objectives; and (4) routinely testing or using the backup arrangements.

The critical activities mentioned in the paper include completing pending large-value payment instructions; clearing and settling material pending transactions; meeting material end-of-day funding and collateral obligations; managing material open-firm and customer-risk positions; communicating customer and firm positions, reconciling the day’s records and safeguarding firm and customer assets; and performing all support and related functions integral to the above activities.

To help ensure the financial system’s continuing strong performance, core clearing and settlement organizations need to recover and resume critical activities within two hours in most instances. Firms that play significant roles in critical markets should meet recovery and resumption time targets of four hours. Recently, the New York Stock Exchange and the National Association of Securities Dealers Inc. proposed similar rules requiring their member organizations to develop and maintain contingency plans.

See the complete text of the paper at