• Investment World
• eWorld
• Catalyst
• Mentor
• Life
• Canvas
• Praxis
• Urban Pulse
• Brand Quest

Stocks

• Quotes
• SE Diary
• Scoreboard
• Open-End Mutual Fund

Shipping

• Ports
  
  

Archives

• Yesterday
• Datewise
• Resources

Group Sites

• The Hindu
• Business Line
• The Sportstar
• Frontline
• The Hindu eBooks
• The Hindu Images

D. Murali

THE BASEL Committee on Banking Supervision (BCBS), the International Organisation of Securities Commissions (IOSCO), and the International Association of Insurance Supervisors (IAIS) have joined hands to bring forth a consultative document titled `High-level principles for business continuity'.

The 42-page document is available for download on www.bis.org, because the Forum's secretariat operates from Bank for International Settlements, Basel, Switzerland, and the document is open to comments till March 10.

`Financial authorities' such as `prudential supervisors of securities firms', and `financial industry participants' such as `banks, securities firms, insurance companies, stock exchanges, operators of payment and settlement systems' have a shared interest in promoting the resilience of the financial system to major operational disruptions, notes the Forum.

Reasons for such a shared interest can be traced to many factors such as: `the pivotal role that financial intermediation plays in facilitating and promoting national and global economic activity'; greater complexity and operational risk owing to extensive automation; high concentration of clearing and settlement processes which if disrupted can `prevent significant market participants from completing transactions and meeting their obligations'; high velocity of money and securities and `deepening interdependencies among financial industry participants within and across jurisdictions'; continuing threat of attacks `targeted, directly or indirectly, at the infrastructure of the financial system'; and the need for maintaining `public confidence in financial systems'.

Much attention has already been bestowed on the topic of business continuity in many places, though at a local level. At the international level too, there have been moves such as the EU's updated Memorandum of Understanding (May 2005) `on information exchange during a financial crisis', and the meetings of the Committee on Payment and Settlement Systems `where central bank participants share their experiences in reviewing and enhancing business continuity plans'.

The Forum points out, as rationale for the new document, that regulatory initiatives have concentrated more on coordinating cross-border communications in a crisis, rather than drawing together lessons from major events and translating them into a set of business continuity principles, which are relevant across national boundaries and financial sectors.

Definition of terms

Business continuity is "a state of continued, uninterrupted operation of a business," defines a glossary in the document. Business continuity management (BCM) refers to `a whole-of-business approach' encompassing `policies, standards, and procedures for ensuring that specified operations can be maintained or recovered in a timely fashion in the event of a disruption' so that there are minimal `operational, financial, legal, reputational and other material consequences' in the wake of a disruption.

BCM incorporates business impact analyses, recovery strategies, business continuity plans, testing programmes, training and awareness programmes, and communication and crisis management programmes. Business impact analysis is `a dynamic process for identifying critical operations and services'.

Recovery means `the rebuilding of specific business operations following a disruption to a level sufficient to meet outstanding business obligations' and recovery strategy establishes `targets for the level of service' post disruption.

Recovery times comprise two components, according to the glossary. One, time between disruption and the activation of a business continuity plan; and, two, time taken from the activation of the business continuity plan to the recovery of the specific business operation.

Resilience means "the ability of an organisation, network, activity, process or financial system to absorb the impact of a major operational disruption and continue to maintain critical operations or services".

The seven principles

The consultative document lays down seven high-level principles, building upon traditional concepts of effective BCM. Seven is a popular number, if you've read Stephen R. Covey's books such as, The 7 Habits of Highly Effective People, that `sold 15 million copies and continues to sell 50,000 to 100,000 a month' as www.usatoday.com mentioned a year ago, when Covey brought out an 8th habit, `Find your voice, and inspire others to find theirs', running to `50 pages longer than the original seven combined'.

Henry Herald (www.henryherald.com) has an article headlined, `Celebrating the seven principles of Kwanzaa'. And there is, The Seven Principles for Making Marriage Work, by John M. Gottman and Nan Silver, among the 6,03,000 finds that Google fetches for the `seven principles'.

The first principle in BCM is that the ultimate responsibility rests with an organisation's board of directors and senior management. Second, organisations should `explicitly consider and plan for major operational disruptions'. Third, financial industry participants should develop recovery objectives, taking into account `the risk they represent to the operation of the financial system'.

Fourth, address `the full range of internal and external communication issues an organisation may encounter in the event of a major operational disruption' because `clear, regular communication during a major operational disruption is necessary to manage a crisis and maintain public confidence'. Fifth, don't forget `cross-border communications' because of `the deepening interdependencies of financial systems across national boundaries'.

Sixth, periodically test the plans to check if they are effective, and make necessary modifications. And seventh, financial authorities should factor in BCM reviews when assessing financial industry participants.

The document discusses, as case studies, the following: The US-Canadian electrical power grid outages (August 2003); the 2003 SARS outbreak and its impact on Hong Kong securities markets, and on the Canadian securities industry; Niigata Chuetsu earthquake (October 2004); and the London terrorist attacks (July 2005). Each of these recent disasters is dissected into sections named event, impact, response, and lessons learned.

For instance, one of the `lessons' of the London attacks is that many financial institutions advised non-essential staff to remain at home on the day following the incidents mainly because they recognised that the transport system would still be disrupted.

"Many staff were able to use remote access technology to work from home. Nonetheless, a few financial institutions experienced unscheduled staff absences of above 20 per cent — no doubt reflecting staff concerns about the risk of further incidents." Yet, "the surge in e-mail traffic during the incident slowed delivery and access to the Internet was similarly affected."

Check if your organisation isn't too busy to devote time to BCM!

AccountSpeak@TheHindu.co.in

More Stories on : Accountancy | Account Speak

Article E-Mail :: Comment :: Syndication :: Printer Friendly Page

Stories in this Section
For a second farm revolution

Copyright © 2006, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line