The US General Accounting Office has criticised regulators and financial services firms for continued failings in disaster recovery procedures.
In a report to the Committee of Financial Services at the US House of Representatives, the GAO says that additional actions are needed to better prepare critical financial markets participants for potential terrorist attacks.
GAO reviewed 15 organisations that perform trading or clearing and found that many still had limitations in their preparedness that increased their risk of being disrupted. For example, nine of the sample had not developed business continuity procedures to ensure that staff capable of conducting their critical operations would be available if an attack incapacitated personnel at their primary sites, says the GAO.
Ten were also at greater risk for being disrupted by wide-scale events because four organisations had no backup facilities and six had facilities located between two to ten miles from their primary sites.
The report also criticises the Federal Reserve and Securities and Exchange Commission for failing to develop strategies and practices for exchanges, key broker-dealers, and banks to ensure that trading can resume in a timely manner in future disasters.
Individually, SEC has reviewed exchange and clearing organisation risk reduction efforts, but had not generally reviewed broker-dealers’ efforts says the GAO. Banking regulators also came under fire for only examining banks’ risk reduction measures annually.
In its report, the GAO says that the industry and regulators must work harder to improve business continuity planning. In addition, the report contains recommendations to improve SEC’s oversight of information technology issues.