Business continuity plans for RIAs

In response to 9/11, FINRA created Rule 4370, which requires broker-dealers to maintain Business Continuity Plans (BCPs) “reasonably designed to meet existing obligations to customers.” Regulatory focus on this area helped to minimize impacts of Hurricane Sandy on the New York-New Jersey financial industry in 2012.

Related story: Five steps to prepare employees, business for natural disasters

Is the SEC now requiring Registered Investment Advisers (RIAs) to have BCPs, too? Well, they clearly think it’s a good idea.

That’s the summary point from a National Exam Program Risk Alert published by the SEC on Aug. 27. According to the Alert, SEC audits recently reviewed the BCPs of approximately 40 RIAs in areas affected by Sandy to assess compliance with applicable laws and rules. Rule 204-of the Investment Advisers Act, requires RIAs to maintain books and records “so as to reasonably safeguard them from loss, alteration or destruction.”

For small RIAs, two main objectives of a BCP are:

  1. Assuring protection of and access to client data during a disaster or disruption (e.g., through a back-up data site); and
  2. Having an affiliation with another firm (not in the same area) where staff operations can continue to work temporarily through a disaster. BCPs should be written and shared with the RIA’s key staff people. They need not be communicated to the SEC, except during audit or on demand. 
About the Author
Rich White

Rich White

Writer and sales training consultant with 25 years of experience in the financial services industry, White is the author of "12 Steps to Your Personal Success in the 401(k) and Small Plan Market," the leading retirement plan sales program in the industry. You can reach him at 914-380-4522 or by email at richwhite8@yahoo.com.


Advertisement. Closing in 15 seconds.