BankInfoSecurity.com - Information Security News, Regulations, & Education


Pandemic Progress Report - How Do You Rate?

Institutions are All Over the Map When it Comes to Preparing for Disaster
March 11, 2008 - Linda McGlasson, Managing Editor

This article was originally created for BankInfoSecurity.com, and contains information that should interest our GovInfoSecurity.com readers.

When it comes to pandemic preparation at U.S. financial institutions, it's a case of good news/bad news.

Bad news first: Many midsized and smaller financial institutions are not fully compliant with the recent FFIEC pandemic guidance and don't have formalized pandemic preparedness plans yet in place. (See related story: New Pandemic Guidance Issued by FFIEC and New Pandemic Guidance Issued: Interagency Memo Details Actions to be Included in Business Continuity Plans)

But the good news: We've spoken to several financial institutions about their efforts, and -- as a result of regulatory pressure -- they all are working toward having a completed pandemic plan in place as part of their overall business continuity plan (BCP).

Good thing, according to William Henley, director of IT Risk Management at the Office of Thrift Supervision, who underscores the obvious: Compliance is mandatory. "It will be a learning process for institutions," Henley says, "but we expect that initially there will be organizations that just have not had enough time to update their business continuity plans (BCP) early on, [and] overall we would expect that within 6 months to a year all institutions will have updated their BCP appropriately."

Based on preliminary feedback from the national pandemic test of the financial services industry held in late September 2007, only a percentage of participants expressed that their institution was ready to face a pandemic. These results reinforce the need for this additional pandemic guidance, Henley says. "A severe pandemic event could significantly impact financial institutions and possibly the U.S. financial system if individual institutions are not prepared for it," he says.


Considerations for Pandemic Planning
The pandemic guidance helps institutions understand the impact of a pandemic event and how it differs from other types of disasters that they already have considered in their plans, Henley adds. In doing so, it allows them to modify and update their existing Business Continuity Plan to account for a possible pandemic scenario as well. Institutions under OTS supervision are being examined for their compliance with the new guidance (as are other institutions under FDIC, OCC and NCUA oversight). The financial institution's business continuity plan should provide:

Preventive program: strategies on stopping/limiting spread of virus within your institution;
Documented strategy: the plan, written out with appropriate documentation;
Comprehensive framework: how it will all fit together within your overall plan;
Testing program: no plan is ready unless it is tested, so test your plan!
Oversight program: assign personnel to oversee the entire pandemic plan and needed actions.

Progress Varies

Although institutions across the country have begun working to integrate a pandemic preparedness plan into their Business Continuity Plans, the level of preparedness ranges from "been there, done that" to "working on it."

South Adams Savings Bank ($194 million in assets) in Adams, MA, is one of the early developers. "We began preparing as soon as the initial guidance was issued back in 2006," says Kathy Dery. "We are very prepared for a pandemic disaster."

The bank has formed a liaison with the regional pandemic health care initiative headed up by the local hospital and the emergency care group, and the bank has stockpiled gloves and masks for its employees. Dery is confident about the depth of the bank's preparedness for a pandemic and says, "The business continuity plan is board-approved and in line with the just issued guidance."

Hearing that your institution's plan looks good from your examiner is a good thing, says Shawn Dotson at Partners FFCU ($58 million in assets) in Glen Allen, VA. When contacted about the credit union's level of preparedness for a pandemic and how they were progressing with their pandemic plan, Dotson says, "We do have a plan in place. We are currently in the middle of a CUNA audit. From what I have heard, our plan looks good to [the auditor]."

Partners also has conducted employee training on pandemic preparedness. "We then went over with employees what branches would be open, work schedules and how the employees would handle the transactions to limit exposure," she says. While the transaction process will be "much slower than our members are used to expecting, we will be open through the pandemic," she says.






Question
On a scale of 1-5 -- 1 being "poor," 5 being "excellent" -- how do you rate your institution's progress in complying with pandemic regulatory guidance?

"Puh-leeze. Head in the sand? How about just being good ol' fashioned paranoid? Bottom line - if the local health authorities restrict travel or even access to your institution's facilities any plan you have in place is moot - it is overridden by the edict of the local law and health authorities. This is another example of the regulators wanting banks and CU's to come up with another plan and drain resources in another knee-jerk "What if" scenario. You can have all the masks, gloves and hand sanitizer you want - nobody else will. All of the other businesses will be either closed or severely restricted in their movements. A true disaster will change all the rules and plans once it hits. In the case of a true global pandemic the only healthy places will end up being the banks. Does the FFIEC have anything better to do than dream up another way for the banks to cut into their profits by spending money on stupid stuff? Y2K was a joke, no other attacks have happened to ANY business since 9/11, Two factor authentication was an in-house "knee-jerk" and now we have the pandemic. Why has nobody ever been concerned about having an AIDS, Influenza or flesh-eating staph infection plan in place for financial institutions? How about an Economic Downturn Plan so we can show the regulators how we will deal with the people who are caught in the looming recession. My God!
"1
"About a 2.5 - people don't seem to think a pandemic will REALLY occur - head in sand.
"Rating = 2