Business Continuity and Preparing for Regulatory Exams Post-Pandemic
As a compliance professional, the past months have probably been the most challenging of your career. Events, whether COVID-19, significant market fluctuations, halted stock exchange trading, or liquidity concerns, provided new and unique challenges for even a seasoned compliance professional. And while the focus on these new risks should take center stage for compliance officers, there are other factors that should be addressed. Let’s first consider how your Business Continuity Plan (BCP) fared.
Starting in March 2020, investment managers experienced a true test of their BCP. Prior to March 2020, there were not many financial services firms that considered pandemic planning in their BCPs. Within a few short weeks, investment managers were forced to fully implement their continuity plans and figure out new ways to manage certain aspects of their business remotely. So, what worked? And more importantly, what didn’t work?
Some important areas to consider and review within your BCP self-assessment include:
- Were there any elements of your business that were impeded due to quarantine?
- Were you unable to mail quarterly statements or the Form ADV material changes notification?
- What happened to your firm’s mail?
- Did the inability to access your offices impact the receipt of important materials delivered via postal service?
- If your practice performed bill-paying services, did the fact that your office was closed impede your ability to provide those services to clients?
- Did you need to implement new policies to govern employees’ maintaining books and records at their personal residences due to WFH protocols?
- Prior to the pandemic, were all employees set up on secure remote access?
- Did you suddenly have to allow employees to utilize their own electronic devices to perform work functions and maintain client records?
Performing a BCP self-assessment will help memorialize where your company saw success and which areas needed improvement. Specific areas to evaluate within the self-assessment should include communications, technology, cybersecurity, how mission critical vendors performed, personnel considerations and any impact to your clients.
To read the full chapter on business continuity and preparing for regulatory exams post-pandemic, download The CCO’s Playbook.