The FSA has issued a draft handbook, Operational Risk Systems and Controls, and warns that up to 40 per cent of the 11,500 organisations it regulates have no back-up plans in the event of a major disaster or terrorist attack.
The guidelines, which are due to come into effect in 2004, mean major financial services companies could have to pay over £1m for the necessary software, with an annual bill of £600,000 to remain compliant.
‘Depending on the features of a software programme and its level of sophistication, a very large and complex firm could spend £1m or more on installing specialised software,’ states the handbook.
For small and medium-sized organisations, however, the bill is likely to be less than £250,000.
Although the warnings come in the run-up to the first anniversary of the attacks in the US, it is the failure of increasingly automated IT systems and the security hazards of ecommerce which are cited as the more important threats to business continuity.
The handbook says companies should clearly document the business continuity strategy and reporting structure for IT operations and, where necessary, use technology to ensure the security of information.
Compliance with international security standard ISO17799 is recommended and outsourced back-up arrangements should be re-evaluated.
‘A firm that outsources its back-up provision to a provider that offers shared back-up site facilities may not have guaranteed access to this site if someone else is using it,’ the guidelines state.
The handbook is now open for public consultation until October, with the final version to be issued next year and the policy to take effect some time in 2004.
The FSA itself has this week unveiled changes to its own disaster recovery plans with a new emergency back-up site at an undisclosed location.
The centre has a separate IT system and communications links that allow the FSA to maintain contact with 35 strategic financial institutions including the London Stock Exchange.
‘It is important we get it right since London is a major financial centre and any interruption to business here would have an impact globally,’ said Michael Foot, managing director at the FSA.