3 Continuity Events You Should Be Planning For

By Sarah Sutton

Shipping containers being transferred by railroad

Business Continuity Plans (BCP) are put in place so that your firm can provide critical services to your clients and employees during service outages.  Having a plan of action ahead of time will help ensure the safety of your employees, continuity of your business and uninterrupted service to your clients.

Disasters can come in many forms and with varying risk levels, from extended outages, unusable workspace, cybersecurity attacks or unexpected loss of a key team member. When your firm is faced with a crisis, a strong, tailored Business Continuity Plan is a necessity that you will be relieved to have in place.

While it is impossible to plan for every event, there are common vulnerabilities that you can identify and plan for. 

Environmental disaster and the physical working space. Pandemics, power outages, fire and flooding are just a few examples of situations that can make your office inaccessible. With your office structure and locations, can you easily set up a working environment for your employees elsewhere?  Are your records safe? Can your clients reach you and still receive critical services from you? Physical working space is an important consideration in any well-defined Business continuity Plan, but one that is often overlooked or not thought through. In additional to plans of where to operate your business, consider how you will notify your employees and customers. Who will make these decisions and who will disseminate the information, and how?

Cybersecurity.  Cybersecurity attacks continue at great monetary and reputational cost. You should have a plan to mitigate and manage external and internal cybersecurity risks. From ineffective passwords, theft, malicious misuse of information or a targeted attack, a strong cybersecurity policy and regular training can help. When policies aren’t enough, have a plan of action that includes a process for quick notification, containment of the situation and steps to notify appropriate agencies. Other points to consider:

  • Do you have the right technology partner and platforms to provide the support needed in the event of a cyber breach?
  • Are your cybersecurity policies strong, up to date and understood by your employees?
  • Are you testing often enough?

Loss of Key Person. These plans require specific analysis, time to develop, and will change over time. Considering Key Person replacement is a constantly evolving piece of a Business Continuity Plan. Key Person replacement plans should be revisited annually to ensure your plan is still effective, reasonable and attainable These decisions should be made with careful consideration—not in a time of crisis.

Oyster professionals have first-hand experience as firm leaders in business continuity management, business continuity plan design, development and implementation, incident/event management, technology infrastructure resilience and recovery, and operations management. Oyster can provide a risk assessment to identify your vulnerabilities, help identify and prioritize activities, and mitigate the impacts of business disruptions. Our solutions are practical and tailored to your firm’s business model.

About The Author
Photo of Sarah Sutton

Sarah Sutton

Sarah Sutton has over 20 years of experience in the financial services industry on both the revenue and compliance sides of the business. Her expertise includes compliance supervision, leading firm and regulatory examinations, regional and retail branch management, brokerage and clearing operations, developing and implementing advisor best practices along with technology training, financial planning delivery and implementation, advisor and firm transition management to new firms and channels, and project management for advisor and client solutions.