Financial Services

Corporate Finance De Novo Banks Enterprise Risk Management Financial Restructuring Internal Audits Loan Reviews Profitability Enhancement Regulatory Compliance IT Risk Services Strategic Financial Planning Tax Services BKD Insights Articles BKD Webinar Series

Valuable Resources

BKD Financial Services Webinar Series

For additional information or to register for these informative one-hour webinars, please see our Financial Services webinars page.

Qualified, experienced BKD client service professionals write the contents of these articles. We urge you to carefully consider all of the facts and circumstances of your situation before applying specific information in our articles. Consult your BKD advisor before acting on any matter covered in these articles.

February 2009

Disaster Recovery & Business Continuity Plan

Many banks and financial institutions use the first and second quarter of the year to review and test their disaster recovery and business continuity plans (DR/BCP). Since most high risk weather and environmental threats, e.g., tornados, grass fires, wind storms and hurricanes, happen May through September, functional testing prior to that time allows an organization to plan and train existing and new employees. Another reason to conduct testing during this time is to make sure all employees are trained, not just key employees.

Enhanced guidance on DR/BCP was released last year by the Federal Financial Institutions Examination Council (www.ffiec.gov) and as a result, examiners may focus on the testing of plans, as well as a financial institution’s review or development of a business impact analysis. The business impact analysis should identify the potential impact of uncontrolled, nonspecific events on a financial institution’s processes and functions. It also should help guide the institution toward the risk assessment phase and ultimately the contingency plan phase.

A DR/BCP is a living document and should reflect changes in technology, people and processes. An annual review provides the perfect opportunity to document changes that were made during the year. After updating the plan for changes, test it and communicate it to employees, as well as identify any gaps and provide a path for corrections.

International Automated Clearing House Transactions

September 18, 2009, a major change is coming to the Automated Clearing House Network (ACH). NACHA is implementing a rule that will create a new Standard Entry Class (SEC) code for International ACH Transactions (IAT). The purpose of the IAT is to help U.S. financial institutions comply with the Office of Foreign Asset Control (OFAC). The new code establishes standards for what information is needed and where it is to be contained in the transaction. It also requires each entity involved in the processing of the transaction be listed. Each receiving financial institution is responsible for scanning this information against the OFAC list.

To be prepared, financial institutions should have or perform the following:

Educate appropriate staff and, where reasonable, customers
Prepare policy that addresses ACH OFAC compliance for both receipt and origin of IATs
Check with your ACH software vendor to ensure it has the proper system in place to handle the new transaction
Implement and test handling procedures for incoming and outgoing IATs (may require vendor’s assistance)
Review ACH originators to make sure the appropriate SEC code is being used

Remember, it is the responsibility of each financial institution to ensure OFAC compliance and this cannot be contracted to a third party.