A six-month investigation by the Financial Services Technology Consortium has documented over 100 business continuity regulations, standards and guidelines affecting US financial institutions.
The effort gathered more than 100 - sometimes contradictory and inconsistent - continuity-related laws affecting US financial institutions from 16 different geographic jurisdictions worldwide. The project team analysed content, identified commonalities and differences, and examined trends. Core regulations were documented and the requirements for compliance were outlined using universal terminology.
Zachary Tumin, executive director of FSTC, says: "This key first step will allow us to develop processes and models that facilitate the successful integration of regulation and best practices for financial institutions of all types."
He says many new regulations and guidelines have been enacted over the years in response to natural disasters, such as Hurricanes Hugo and Andrew; telecommunications failures; denial of service attacks; and terrorist attacks, such as 9/11, the Murrah Building bombing, the anthrax scares, and others. Technology developments have also triggered new regulations as new capabilities came on-line.
Charles Wallen, managing executive of FSTC’s business continuity standing committee, and project director, says inconsistencies between regulations issued by different agencies have made compliance difficult and frustrating: "Financial institutions had been looking for a resource to help them track and comply with these regulations."
Seven FSTC member institutions and technology service providers participated in the project, which was managed by KPMG.