On June 22, 2011, the SEC adopted final rules implementing amendments to the Investment Advisers Act of 1940 ("Advisers Act") that require advisers to hedge funds and other private funds to register with the SEC. The SEC also announced that it has officially extended the compliance deadline for "private adviser" registration until March 30, 2012.
Under the Advisers Act, registered advisers are required to have a Business Continuity Plan in place, so in this article we’ll look at the five steps of business continuity planning.
BCP versus DR
It is important to understand the difference between a Business Continuity Plan (BCP) and Disaster Recovery (DR), as they deliver complementary yet unique capabilities to a hedge fund. DR encompasses the steps taken to implement and support the infrastructure (hardware, software and sites) necessary to make recovery of mission-critical services and applications possible for a hedge fund. The steps to access up-to-date information and applications are established with DR.
A business continuity plan makes use of the infrastructure addressed in the DR plan, but focuses on business operations and understanding such items as:
- What are the mission-critical processes?
- Who are the key personnel?
- How are they going to be notified of an emergency?
- Where/how will they continue to operate?
Five Steps to Business Continuity Planning
To create an effective business continuity plan, a hedge fund should take these five steps:
- Evaluating physical on-site security and conducting walkthroughs
- Reviewing physical and network single points of failure
- Evaluating the impact of various business disruption scenarios
- Defining the probability of a risk occurring based on a rating system
- Prioritizing findings
- Developing a roadmap
Step 2: Business Impact Analysis (BIA). During this phase we collect information on:
- Recovery assumptions, including Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO)
- Critical business processes and workflows as well as the supporting production applications
- Interdependencies, both internal and external
- Critical staff including backups, skill sets, primary and secondary contacts
- Future endeavors that may impact recovery
- Special circumstances
Step 3: Plan Development. This phase includes:
- Obtaining executive sign-off of Business Impact Analysis
- Synthesizing the Risk Assessment and BIA findings to create an actionable and thorough plan
- Developing department, division and site level plans
- Reviewing plan with key stakeholders to finalize and distribute
Step 4: Plan Implementation. This phase centers on:
- Distributing the plan to all key stakeholders
- Conducting training sessions to help ensure employees are comfortable with the steps outlined in the plan
Step 5: Plan Testing & Maintenance. The final critical element of a BCP is ensuring that it is tested and maintained on a regular basis. This includes:
- Conducting periodic table top and simulation exercises to ensure key stakeholders are comfortable with the plan steps
- Executing bi-annual plan reviews
- Performing annual Business Impact Assessments
The BCP Guidebook
For more on BCP at Hedge Funds, checkout our “Establishing Business Continuity and Disaster Recovery Plans—A Hedge Fund Manager's Guide.”
Or contact Eze Castle Integration to speak with one of our certified business continuity planners about best practices or to learn about our Eze Business Continuity Planning Services.
- Expert Tips for Launching a Hedge Fund in a New Environment
- Answering the FCA's Dear CEO Letter on Outsourcing with Some Practical Steps
- Reflecting on What We're Thankful For This Thanksgiving
- Finding Your One-Stop Shop: The Benefits of Choosing an All-Inclusive IT Provider
- Three Ways Your Cloud Provider Can De-Stress Your Life
- business continuity planning
- cloud computing
- data loss prevention
- disaster recovery
- eze castle milestones
- hedge fund due diligence
- hedge fund marketing
- hedge fund operations
- hedge fund regulation
- help desk
- high frequency trading
- launching a hedge fund
- privacy compliance
- project management
- real estate
- startup & relocation
- trends we're seeing
- videos and infographics