Receive our daily newsletter

FFIEC Emphasizes Expanded Role of Information Technology in Updated Business Continuity Guidance

The Federal Financial Institutions Examination Council ("FFIEC") issued updated guidance to assist examiners in evaluations of business continuity governance at FDIC-supervised financial institutions. The new booklet, titled Business Continuity Management, replaces the Business Continuity Planning booklet issued in February 2015. The new guidance provides a heightened emphasis on the expanding role of information technology ("IT") in financial institutions' business operations.

In a Financial Institution Letter, the FDIC noted that no new requirements are imposed on regulated entities as a result of the updated booklet. However, the FDIC did point out the significance of the booklet's title change from Business Continuity Planning to Business Continuity Management. According to the FDIC, this title change is designed to reflect developments in both customer and industry expectations for financial institutions' resilience of operations, as well as the important function of IT in meeting these expectations.

The booklet provides guidance on examining an entity through an enterprise risk management ("ERM") perspective and covers (i) technology, (ii) business operations, (iii) communication strategies, (iv) training, (v) testing, (vi) maintenance, and (vii) improvement. Additionally, the booklet states that the "degree of maturity, integration and documentation" between the business continuity management and ERM processes of a regulated entity should be evaluated by examiners with consideration to the entity's size, complexity and risk profile.

Related Articles

  • FFIEC Issues Guidance on IT Safety and Governance

    The Federal Financial Institutions Examination Council provided new guidance in the form of a booklet titled "Management." The guidance is intended to assist examiners in their evaluations of information technology governance at financial institutions and service providers.

Premium Content

Available only to Cabinet Premium subscribers.

 

Tags

Regulated Entities: 
Body of Law: 
Jurisdiction: 
Organization: