|For Immediate Release||November 14, 2019|
Financial Regulators Revise Business Continuity Management Booklet to Stress to Examiners the Value of Resilience to Avoid Disruptions to Operations.
The members of the Federal Financial Institutions Examination Council (FFIEC) today emphasized that examiners understand how management of banks and other regulated entities, including depository financial institutions, nonbank financial institutions, bank holding companies, and third-party service providers, have prepared their operations to avoid disruptions and to recover services.
The updated Business Continuity Management booklet focuses on enterprise-wide approaches that address technology, business operations, testing, and communication strategies critical to the continuity of the business. The booklet describes principles and practices for information technology (IT) and operations designed to achieve safety and soundness, consumer financial protection, and compliance with applicable laws, regulations, and rules.
As the booklet makes clear, business continuity focuses on more than just the planning process to recover operations after an event. Business continuity also includes the continued maintenance of systems and controls for the resilience and continuity of operations. Business continuity is an integral part of the risk management life cycle of an entity’s systems, processes, and operations.
The Business Continuity Management booklet describes principles to help examiners determine whether management addresses risks related to the availability of critical financial products and services. The booklet uses common terms and builds on widely used standards to facilitate effective supervision. The updated examination procedures will also help examiners assess the adequacy of an entity’s overall business continuity management program.
The Business Continuity Management booklet is part of the FFIEC Information Technology Examination Handbook (IT Handbook) and replaces the Business Continuity Planning booklet issued in February 2015.
The IT Handbook is available at http://ithandbook.ffiec.gov/.
The FFIEC was established in March 1979 to prescribe uniform principles, standards, and report forms and to promote uniformity in the supervision of financial institutions. It also conducts schools for examiners employed by the five federal member agencies represented on the FFIEC and makes those schools available to employees of state agencies that supervise financial institutions. The Council consists of the following six voting members: a member of the Board of Governors of the Federal Reserve System; the Chairman of the Federal Deposit Insurance Corporation; the Director of the Consumer Financial Protection Bureau; the Comptroller of the Currency; the Chairman of the National Credit Union Administration; and the Chairman of the State Liaison Committee.