business continuity discussion - c.ymcdn.comc.ymcdn.com/sites/ · business continuity discussion...

Business Continuity

DiscussionCMTA Annual Conference 2017Stay connected when disaster strikes

April 27th, 2017

Michelle Durgy

Senior Portfolio Manager

KCM Investment Advisors

Jonathan Millard

SVP and Market Leader

Bank of America Merrill Lynch

Eileen Roberts

Executive Director

J.P. Morgan

Disaster Preparedness

Business Continuity Planning

3

Source: http://www.acswa.org.au/EMEAGECARE/frame/risk_assessment3.html

Stages of Disaster Preparedness

4

On-site access to all network servers, phone lines, and internet

Alternate location access to all network servers, phone lines, and internet.

Remote access to all network servers, phone lines, and internet.

No access to network servers or internet but access to phone lines from remote location.

No access to network servers, phone lines, or internet from any location.

Ideal

Stage 3

Stage 1

Stage 2

Stage 4

Disaster Preparedness Actions

5

Ideal

Stage 3

Stage 1

Stage 2

Stage 4

Stage 1 – If you are unable to travel to worksite, travel

to alternate office. At all stages, Investment staff shall be in contact to confirm cash and trade settlements before any investment decisions are made.

Stage 2 - If you are unable to travel to an alternate office, access the agency servers, internet and phone lines from your home or other remote location.

Stage 3 – If you unable to access the agency servers

and internet remotely, utilize phone lines from home or other remote location.

Stage 4 – If you do not have any access to agency

servers, internet, or phone lines from any location, external expert will take control of the portfolio (establish term maximums).

On-site access to all network servers, phone lines, and internet

Alternate location access to all network servers, phone lines, and internet.

Remote access to all network servers, phone lines, and internet.

No access to network servers or internet but access to phone lines from remote location.

No access to network servers, phone lines, or internet from any location.

San Francisco Specific Plan

Functions Essential Sources Purpose Ideal 1st Stage 2nd Stage 3rd Stage 4th Stage Dept

Key

Personnel

Alternat

e

Person

nel

Stage 4

Contact

s

Portfolio Sungard/PFM/Citibank

Pool positions, daily

maturities and

income

City Hall - Onsite access 1155 Market Street Remote access from

home or other remote

location.

Remote access

via telephone

PFM to take

control of CCSF

portfolio (60 Day

Max per Contract)

Investments Stages 1-4:

Michelle,

Hubie, EJ

Pauline

Marx

PFM

Cash Flow Bank of America/TWS

Provides available

opening balance,

credits and debits



location.

Remote access

via telephone

PFM to take

control of CCSF

portfolio (60 Day

Max per Contract)


Michelle,

Hubie, EJ

Pauline

Marx

PFM

Cash Flow PFM

Comprehensive cash

flow analysis for Pool



location.

Remote access

via telephone

PFM to take

control of CCSF

portfolio (60 Day

Max per Contract)


Michelle,

Hubie, EJ

Pauline

Marx

PFM

Compliance/Policy

ConstraintsExcel/PFM

Provides information

on compliance and

policy constraints



location.

Remote access

via telephone

PFM to take

control of CCSF

portfolio (60 Day

Max per Contract)


Michelle,

Hubie, EJ

Pauline

Marx

PFM

TradingBloomberg/Broker

Contacts

Trading platform and

trading via broker

contacts



location.

On-line trading

via electronic

platforms and/or

manual trades

via telephone

PFM to take

control of CCSF

portfolio (60 Day

Max per Contract)


Michelle,

Hubie, EJ

Pauline

Marx

PFM

Trading BondEdge

Provides portfolio

analytics and

scenario/risk analysis



location.

No access PFM to take

control of CCSF

portfolio (60 Day

Max per Contract)


Michelle,

Hubie, EJ

Pauline

Marx

PFM

Settlement/Wire

TransfersBanking

Cash movements for

bond proceeds as

Fiscal Agent



location.

Remote access

via telephone

PFM to take

control of CCSF

portfolio (60 Day

Max per Contract)


Michelle,

Hubie, EJ

Pauline

Marx

PFM

Custody Citibank

Provides trade

settlement, income

collection, corporate

action processing,

and cash movement

to BOA for CCSF



location.

Remote access

via telephone

PFM to take

control of CCSF

portfolio (60 Day

Max per Contract)


Michelle,

Hubie, EJ

Pauline

Marx

PFM

6Source: City & County of San Francisco, Office of the Treasurer

Business Partnerships

Are you prepared?

Your Bank can help you address needs like:

▪ Payables—cover payroll and make urgent payments

▪ Receivables—track collections

▪ Treasury—monitor your cash position (balance and

detail activity) remotely

Consider the following: ▪ How will you pay your employees? How will you pay the employees who do not have

checking accounts?

▪ How much line of credit do you need in case you’re unable

to make deposits to cover your disbursements?

▪ How will you process your ACH and wire transfers to pay

your vendors?

▪ How will your employees pay for emergency needs?

▪ How will you access your online reports?

8

Your Bank can help support your contingency plan

Need Banking Solutions

Online

Reporting

▪ Balance reporting, lockbox, controlled disbursement and other critical reports

can be faxed to your business continuity site

▪ Mobile capabilities for access to track daily cash management activities

Receivables ▪ Lockbox reports can be faxed to your business continuity site

▪ Mobile capabilities for flexible access to daily

ACH ▪ Several backup procedures are offered –and may be customized according

to your requirements

▪ Examples of file deliveries: HTTPs, email

Wire

Transfers ▪ Wire initiation can be made via telephone and secure PINS

▪ Mobile review and approval of pending payments

Payroll

▪ Replicate the last payroll file to help ensure funds are disbursed to your

employees on time

▪ ACH and wire transfers are options for your employees who do not have

direct deposit

▪ Prepaid cards may be an option for your employees who do not have bank

accounts

Credit

Cards

▪ Emergency card issuance—generally with next-day delivery

▪ Card cancellation and replacements processed by your card program

administrator directly

▪ 24/7/365 customer service support

Prepaid

Cards ▪ Emergency access cards for employees

▪ New prepaid card programs generally can be setup in two to three days

Cash▪ Establish a deposit work order sheet to expedite cash orders

▪ Web ordering available as well

Ask your bankers to

help you prepare for an

emergency.

Any event that disrupts your

organization’s ability to

function for an extended

period of time.

9

Succession Planning

Business Resiliency Mission Statement

Ensure your financial partner has the ability to continuously operate during business disruptions.

PEOPLEDevelop dynamic,

knowledgeable,

risk sensitive

community of risk

professionals

CLIENTDemonstrate our

ability to continue

business during

adverse

situations

RISK

CONTROLSEffectively

manage the

resiliency

controls in the

risk and

regulatory

environment

PROCESSESDrive

consistency,

efficiency and

effectiveness

through global

processes

INNOVATIVE

TECHNOLOGYDevelop and

leverage

effective tools to

enhance our

capabilities

11

Resiliency Approach

12

1. Conducting a Business Impact Analysis – Review of process to determine prioritization & Recovery Time Objective (RTO)

. Key areas reviewed include:

Financial impact

Customer impact

Legal / Regulatory impacts.

2. Determining Business Resiliency Strategy Solution – Based upon RTO, strategy can range from Work at Home solutions

up to developing a robust Global Footprint.

Determining Resiliency Plan:

3. Conduct reviews and document all key information that would be needed if resiliency plan was to be invoked. Key areas

to consider:

Defining Resiliency Plan Events:

4. Plan Testing – Develop robust and regular testing plans to ensure that the strategy adequately supports the needs to

business. Testing should include Call Trees, connectivity, validation of capability to meet RTO.

5. Plans / Audit Revisions – Continuous review of plans with Resiliency office and Risk teams. Annual testing reports are

reviewed & solutions are discussed / implemented.

Testing and Refining Resiliency Plan:

Activation

Critical Tasks

Technology Requirements / Data Access

Recovery Site Specifications

Transportation

Communications with Clients, Vendors, and Staff

GovernanceOversight

Resiliency risk implementation model

13

RISK ASSESSMENT

Identify threats

Understand vulnerabilities

Assess concentration risk

BUSINESS IMPACT

ANALYSIS

Assess risks

Establish tolerances

Derives recovery time

objectives

Interdependencies

requirements

1Risk

Assessment

2Business Impact

Analysis

3Strategies /

Solution

4Document

Business and Crisis Plans

5Testing /

Awareness

6Maintenance

and Reporting

STRATEGIES / SOLUTION

Mitigate risk

Meet RTOs

Solution meets business need

DOCUMENT BUSINESS

AND CRISIS PLANS

Quality planning

Key components

Notification

Crisis plan

TESTING / AWARENESS

Validate plans

Proactive training

Awareness campaign

GOVERNANCE OVERSIGHT

MAINTENANCE AND

REPORTING

Validate to standards

Change management

Effective reporting

Set priorities

Transparency

Major expenditures

Support operating model

Escalation

Resiliency: Best Practices

14

No Critical Processes co-located with Operations

Critical Systems in multiple locations in order to maintain

operations in the event of a regional outage

No such thing as a BAU site or a disaster recovery (DR)

site – should be identical

Routinely move production between BAU and DR sites

Technology staff as comfortable in the DR site as they are

in the BAU site

Realize desktop virtualization to enable people to work

from anywhere, anytime

Technology

Clear, frequent and structured communications are key

Involve all business partners in resiliency planning &

testing

Verify ability to sustain processes in another location for

extended periods of time

Develop close working relationship with key 3rd party

vendors and ensure that their resiliency plans are

understood and that they can adequately support your

needs

Operations

Lessons Learned

Mother Nature

Update employees on forecast,

precautions and emergency

procedures

Have capability in place to

locate all staff members

Establish, track and

communicate storm thresholds

& response levels

Allocate contingency funding to

assist employees

Political Events

Implement and maintain strong

local insights

Ensure speed of communication

matches speed of the event

Conduct frequent assessment

calls to ensure ability to shift

work quickly

Pandemic Planning

Establish absentee thresholds

for all processes, functions and

locations

Pre-position critical staff to

other locations if thresholds are

approached

Frequently test work-at-home &

remote access capability

Succession Planning Process

15

Chase, J.P. Morgan, and JPMorgan Chase are marketing names for certain businesses of JPMorgan Chase & Co. and its subsidiaries worldwide (collectively, “JPMC”).

This document was prepared solely and exclusively for the benefit and internal use of the party to whom it is directly addressed and delivered (the “Company”) in order to make

a preliminary presentation to the Company regarding certain products or services that might be provided by JPMC. This document and any related presentation materials are

for discussion purposes only and are incomplete without reference to, and should be viewed solely in conjunction with, a related oral briefing provided by JPMC. This

presentation does not constitute a commitment by any JPMC entity to extend or arrange credit or to provide any other services. The Materials and oral briefing (collectively the

“Information”) contain information which is confidential and proprietary to JPMC and may only be used by the Company for the purpose of evaluating the products and services

described in the Information and may not be copied, published, disclosed or used, in whole or in part, for any other purpose other than as expressly authorized by a JPMC

entity.

In preparing the Information, JPMC has relied upon and assumed, without independent verification, the accuracy and completeness of information available from public sources

or provided to it by or on behalf of the Company. JPMC does not guarantee the accuracy, completeness or reliability of that information. JPMC’s opinions and estimates

contained herein reflect prevailing conditions and our views as of this date, which are accordingly subject to change, and should be regarded as indicative, preliminary and for

illustrative purposes only. Our analyses are not and do not purport to be appraisals of the assets, stock, or business of the Company or any other entity.

The Information is not intended and shall not be deemed to constitute or contain advice on legal, tax, investment, accounting, regulatory, technology or other matters on which

the Company may rely, and the Company should consult with its own financial, legal, tax, accounting, compliance, treasury, technology, information system or similar advisors

prior to entering into any agreement for JPMC products or services. The Company is responsible for its own independent assessment as to the cost, benefit, suitability and

appropriateness of any products or services it obtains from JPMC. JPMC makes no representations as to the actual value which may be received in connection with any JPMC

product or service or the legal, tax, or accounting implications of consummating any transaction contemplated by the Information.

The Information contained herein is intended as general market and/or economic commentary, does not constitute and should not be treated as J.P. Morgan research. The

Information may differ from that contained in J.P. Morgan research reports. The Information is not intended as nor shall it be deemed to constitute advice or a recommendation

regarding the issuance of municipal securities or the use of any municipal financial products. JPMC is not providing any such advice or acting as the Company’s agent,

fiduciary or advisor, including, without limitation, as a Municipal Advisor under Section 15B of the Securities and Exchange Act of 1934, as amended.

The Information does not purport to set forth all applicable terms or issues and are not intended as an offer or solicitation for the purchase or sale of any financial product or

service or a commitment by JPMC as to the availability of any such product or service at any time. JPMC products and services are subject to applicable laws, regulations,

service terms and policies of JPMC. Not all products and services are available in all geographic areas or to all customers. Eligibility for particular products and services is

subject to satisfaction of applicable legal, tax, risk, credit and other due diligence, JPMC’s “know your customer,” anti-money laundering, anti-terrorism and other policies and

procedures.

Products and services may be provided by commercial bank affiliates, securities affiliates or other JPMC affiliates or entities. In particular, securities brokerage services other

than those which can be provided by commercial bank affiliates under applicable law will be provided by registered broker/dealer affiliates such as J.P. Morgan Securities LLC,

J.P. Morgan Institutional Investments Inc. or by such other affiliates as may be appropriate to provide such services under applicable law. Such securities are not deposits or

other obligations of any such commercial bank, are not guaranteed by any such commercial bank and are not insured by the Federal Deposit Insurance Corporation.

All trademarks, trade names and service marks appearing in the Information are the property of their respective registered owners.

© 2016 JPMorgan Chase & Co. All rights reserved

Disclaimer

16

Notice to recipient

• "Bank of America Merrill Lynch" is the marketing name for the global banking and global markets businesses of Bank of America Corporation. Lending, derivatives and other commercial banking activities are performed globally by banking affiliates of Bank of America Corporation, including Bank of America, N.A., member FDIC. Securities, strategic advisory, and other investment banking activities are performed globally by investment banking affiliates of Bank of America Corporation ("Investment Banking Affiliates"), including, in the United States, Merrill Lynch, Pierce, Fenner & Smith Incorporated and Merrill Lynch Professional Clearing Corp., both of which are registered as broker-dealers and members of SIPC, and, in other jurisdictions, by locally registered entities. Merrill Lynch, Pierce, Fenner & Smith Incorporated and Merrill Lynch Professional Clearing Corp. are registered as futures commission merchants with the CFTC and are members of the NFA. Investment products offered by Investment Banking Affiliates: Are Not FDIC Insured * May Lose Value * Are Not Bank Guaranteed.

• This document is intended for information purposes only and does not constitute a binding commitment to enter into any type of transaction or business relationship as a consequence of any information contained herein.

• These materials have been prepared by one or more subsidiaries of Bank of America Corporation solely for the client or potential client to whom such materials are directly addressed and delivered (the “Company”) in connection with an actual or potential business relationship and may not be used or relied upon for any purpose other than as specifically contemplated by a written agreement with us. We assume no obligation to update or otherwise revise these materials, which speak as of the date of this presentation (or another date, if so noted) and are subject to change without notice. Under no circumstances may a copy of this presentation be shown, copied, transmitted or otherwise given to any person other than your authorized representatives. Products and services that may be referenced in the accompanying materials may be provided through one or more affiliates of Bank of America, N.A.

• We are required to obtain, verify and record certain information that identifies our clients, which information includes the name and address of the client and other information that will allow us to identify the client in accordance with the USA Patriot Act (Title III of Pub. L. 107-56, as amended (signed into law October 26, 2001)) and such other laws, rules and regulations.

• We do not provide legal, compliance, tax or accounting advice. Accordingly, any statements contained herein as to tax matters were neither written nor intended by us to be used and cannot be used by any taxpayer for the purpose of avoiding tax penalties that may be imposed on such taxpayer.

• For more information, including terms and conditions that apply to the service(s), please contact your Bank of America Merrill Lynch representative.

• Investment Banking Affiliates are not banks. The securities and financial instruments sold, offered or recommended by Investment Banking Affiliates, including without limitation money market mutual funds, are not bank deposits, are not guaranteed by, and are not otherwise obligations of, any bank, thrift or other subsidiary of Bank of America Corporation (unless explicitly stated otherwise), and are not insured by the Federal Deposit Insurance Corporation (“FDIC”) or any other governmental agency (unless explicitly stated otherwise).

• This document is intended for information purposes only and does not constitute investment advice or a recommendation or an offer or solicitation, and is not the basis for any contract to purchase or sell any security or other instrument, or for Investment Banking Affiliates or banking affiliates to enter into or arrange any type of transaction as a consequent of any information contained herein.

• With respect to investments in money market mutual funds, you should carefully consider a fund’s investment objectives, risks, charges, and expenses before investing. Although money market mutual funds seek to preserve the value of your investment at $1.00 per share, it is possible to lose money by investing in money market mutual funds. The value of investments and the income derived from them may go down as well as up and you may not get back your original investment. The level of yield may be subject to fluctuation and is not guaranteed. Changes in rates of exchange between currencies may cause the value of investments to decrease or increase.

• We have adopted policies and guidelines designed to preserve the independence of our research analysts. These policies prohibit employees from offering research coverage, a favorable research rating or a specific price target or offering to change a research rating or price target as consideration for or an inducement to obtain business or other compensation.

• Copyright 2015 Bank of America Corporation. Bank of America N.A., Member FDIC, Equal Housing Lender.

17

http://www.sipc.org/

business continuity discussion - c.ymcdn.comc.ymcdn.com/sites/ · business continuity discussion...

Documents