Continuity planning: Deal with the soft issues

Continuity planning: Deal with the soft issues

The SEC’s proposed rule for registered investment advisers solidifies other regulatory requirements and will mandate the creation of effective recovery plans. There is a vast amount of information available on the hard mechanics of developing and maintaining business contingency plans. Recent events such as Hurricane Sandy in the Northeast United States have made the need for continuity planning clearly evident to most businesses. Two elements are often overlooked in all the guides and post-event whitepapers and summaries, and are behavioral in nature.

1. Employee behavior during a crisis

Pundits in the 1970’s and 1980’s were concerned that most contingency plans would fall apart because employees would abandon their corporate duties and instead go and stay home to care for their families. History proves otherwise; part of the American psyche is that most responsible employees will do everything they can to help others in a crisis. We celebrate people who go above and beyond to help – virtually every week there is a YouTube video of someone helping a downtrodden stranger. However, employees will first make sure that their families are safe, and will only stay home if there are extenuating circumstances, such as very small children or an elderly parent at home.

Behavior considerations in building a contingency plan:

  • Proactively build in a time buffer and capabilities so employees can make sure their families are safe. If phone lines are clogged and they can’t connect, allow them to physically leave the office and check on the family. Pay for an Uber ride if you have to.
  • Set the expectation within your organization that if an employee can’t help with enabling a contingency plan because of their family situation, fine. It will set the right tone for the company and your recovery efforts.

2. The discomfort many employees will feel during testing

Contingency plans need to be tested for them to be truly effective. There are too many intangibles involved to nail a plan down 100 percent on your first attempt. Think how difficult it can be on some days to get primary resources functioning as intended – now think about having your regular systems, people, and processes unavailable.

Contingency planning is basically pretending that primary resources are not available and pretending to executing the plan. Many business people are uncomfortable with this – it can feel awkward and artificial, and even silly. However, just as it is unlikely you would use a new business application “out of the box” without testing it at some level, it is unlikely a contingency plan will be effective without testing and challenging it.

Behavior considerations in testing a contingency plan:

  • Set the tone at the top that testing is an important activity, and frankly it is more important for client service reasons than it is for regulatory compliance.  Create a budget for time to conduct the testing, and ensure that leaders actively participate and take the exercise seriously. Set the expectation that finding gaps or issues with the plan is highly encouraged.
  • Conduct testing in a graduated manner.
  • For the first iteration, conduct a table-top exercise where participants walk through their contingency plan responsibilities in conference room.
  • Have individual department or functions conduct walk-throughs on their own before involvement in an organizational test, it is much easier to gain comfort in a smaller setting.
  • Conduct a full-blown test and make it an event, one that fosters a sense of team building. 
  • Celebrate testing once it’s done. Food or a few cold drinks can go a long way in capping it as an important activity.

For more information on regulatory compliance, or to learn how Baker Tilly's financial services specialists can help, contact our team.

SEC Customer Protection Rule Initiative
Next up

SEC Customer Protection Rule Initiative