In accordance with COBAC Regulation R-2008/01 requiring credit institutions to prepare a business continuity plan, Every credit institution must implement appropriate approaches to adequate business continuity management.
The business continuity management policy shall include impact analyses, a business resumption strategy and business continuity plans.
Business impact analyses should identify critical activities and services, key dependencies on sources internal and external to the credit institution, and appropriate levels of resilience. They should assess the risks and consequences of different disaster or major operational disruption scenarios on the institution’s disruption on the credit institution’s business and reputation.
The recovery strategy should define, based on the impact analyses, recovery objectives and priorities, as well as the minimum level of service provided by the credit institution in the event of a disaster or major operational disruption and the framework within which it will restore normal business conditions.
The continuity plan should provide detailed, formalized and documented guidance on how to implement the recovery strategy, establishing roles and defining responsibilities in the management of disasters and operational disruptions and providing clear guidance on succession plans, substitution or delegation of authority in the event that the disaster or disruption has created a distortion in the chain of chain of command. The business continuity plan must specify the scope of the activities covered, the activities to be treated as a priority in the event of a major operational disruption, the residual risks not covered, the deadlines for implementing the plan, the formalization of procedures, and a summary description of the business continuity plan. procedures, as well as a summary description of the alternative site or sites.
A credit institution’s business continuity management should be tailored to its risk profile, taking into account its size, the scale and scope of its operations, and the risk it poses to the continued functioning of the banking system and the safety of depositors.
The business continuity management policy should take into account the new risks associated with national and international socio-economic developments and cover the requirements of outsourced activities.
Business continuity management policies, standards and processes be considered and implemented in the company’s comprehensive risk management and critical operations critical operations program of the credit institution.