The last few months provided a real test in disaster recovery measures for some firms located in communities surrounding Houston, Southern Florida, and Northern California areas. And then, while combined with recent cybersecurity breaches, other advisors across the country experienced more risks to their practices. SEC compliance
Step 1: Establish a plan/template
Determine key components of the plan.
Map office locations for testing, training, and implementing the plan.
Plan communications methods, types, and alternatives.
Prepare an operation manual that addresses emergencies.
Step 2: Establish the team
Assign one leader (and a co-leader if necessary) who understands the critical tasks, logistics, and risks of the firm.
Delegate roles/responsibilities for the team.
Maintain procedures in case a team member is unable to fulfill his/her obligations. This can also be another firm/advisor if you are a sole practitioner with no staff.
Step 3: Critical Business
Systems/Vendors
Describe essential
services (e.g. trading).
Maintain a list of key vendors/business services (e.g. custodian, banks, prime brokers, IT).
Prepare supplies (e.g. emergency first aid kit, food).
Step 4: Risk Assessment
Identify risk areas/mitigation processes for Standard Business Disruptions (SBD’s):
Maintain a list of key vendors/business services (e.g. custodian, banks, prime brokers, IT).
Prepare supplies (e.g. emergency first aid kit, food).
Step 4: Risk Assessment
Identify risk areas/mitigation processes for Standard Business Disruptions (SBD’s):
Fire: “In the event of a fire, the firm may be unable to use the office and will meet at this location….”
Hurricane: “In the event of a hurricane, the firm may be unable to use all offices, phones, and other standard methods of communication. We will mitigate this risk through……”
Data Breaches: “In the event of a cybersecurity attack, our firm will….”
Step 5: Update and/or test with team once a year.
Review the firms business continuity documentation at least annually for making changes.
**Note: We will
develop a Preparedness checklist to help firms to better plan,
test, and update disaster recovery measures.
This will be available in our compliance management software for paid
users. State or call us at: 650-305-2688.
Compliance and Business Management
FIN Compliance (FINCompliance.io) is a
consortium of compliance services including: RIA Consults-Roberson Consults
Group, a compliance consulting firm, RIA Review, a compliance-management
software tool (SaaS), B-D Review, a RIA/Broker-Dealer compliance management
software tool, and FINLancer is a business
management portal featuring: E-signature tools; Invoicing integration,
Vendor Directory, continuity directory*, business client document portal, and
more (available by Q3 2019). Access all services
on one site: FINCompliance.io.
Impact
FIN Missions (FINmissions.com) provides business support group
sessions for other entrepreneurs. In addition, Cory has volunteered
for more than fifteen youth programs in locations such as like S. Korea, China,
S. Africa, Thailand, and India.
No comments:
Post a Comment