In the event of disaster, communities and businesses can easily spend months recovering, even with proper advance preparedness. To ensure that this recovery can go as smoothly as possible, in 2016, the Securities and Exchange Commission (SEC) proposed a new rule requiring registered investment advisors enact and maintain both business continuity plans and transition or succession plans.
In establishing these plans, the SEC recommended that advisors consider both external and internal threats, to ensure robustness of planning, and to consider how threats could affect the various parties with which firms could interact – from fire, to terrorist attacks, to cybersecurity threats.
In building these plans, the SEC emphasizes four key areas:
- maintenance of critical operations, including protection of data;
- confirming alternate physical locations for operations;
- establishing stable lines of communications with clien;ts, employees, regulators, and key third parties; and
- identification of critical third party services.
Source: