Business Continuity Plan2015

Colonial Securities, Inc.41 Elizabeth Street

Suite 403New York, NY 10013

2November 2015

Table of Contents

Introduction 4Critical Elements 4Emergency Contact Persons 4Firm Policy 5Types of Significant Business Disruptions (SBDs) 5Approval and Execution Authority 5Plan Location and Access 5Business Description 5Office Locations6Alternative Physical Location(s) of Employees 6Customers’ Access to Funds and Securities 6Data Back-Up and Recovery (Hard Copy and Electronic) 7Financial and Operational Assessments 7

Operational Risk...................................................................................................................................... 7Financial and Credit Risk......................................................................................................................... 8

Mission Critical Systems 8The Firm’s Mission Critical Systems 10

Order Taking......................................................................................................................................... 10Order Entry............................................................................................................................................ 10Order Execution..................................................................................................................................... 10Other Services Currently Provided to Customers..................................................................................10

Alternate Communications Between the Firm and Customers, Employees, and Regulators 11Customers............................................................................................................................................. 11Employees............................................................................................................................................. 11Regulators............................................................................................................................................. 11

Critical Business Constituents, Banks, and Counter-Parties 12Business Constituents........................................................................................................................... 12Banks.................................................................................................................................................... 12Counter-Parties..................................................................................................................................... 13

Regulatory Reporting 13Disclosure of Business Continuity Plan 14Updates and Annual Review 14Senior Manager Approval 15Appendix 1: Business Continuity Planning – Disclosure 16Appendix 2: Key Contact List 17Appendix 3: Books and Records List 18Appendix 4: Backup Facilities List 21Appendix 5: Key Systems List 22Appendix 6: Business Constituents 23Appendix 7: Email Archiving Business Continuity Plan 24Appendix 8: Clearing Firm Business Continuity Plan 25

3November 2015

Introduction

As a result of our ever-changing and evolving world, it has become necessary for firms in the financial services industry to take steps to ensure their preparedness to meet customer needs and resume regular business operations in a timely manner in the event of a significant business disruption (“SBD”).

On April 7, 2004, the Securities and Exchange Commission (“SEC”) approved NASD Rule 3500 Series, which requires members to establish emergency preparedness plans and procedures. As part of the Rule Consolidation Process NASD Rule 3500 (Series) became FINRA Rule 4370. FINRA Rule 4370 requires member firms to create and maintain a business continuity plan (“BCP” or “Plan”) and enumerates certain requirements that each plan must address. In addition, this Rule requires firms to update their business continuity plan upon any material change, and to conduct an annual review of the plan. FINRA Rule 4370 also requires member firms to disclose to its customers how the firm’s business continuity plan addresses the possibility of a future significant business disruption and the firm’s plans to respond to events of varying scope. In addition, FINRA Rule 4370 requires member firms to designate two emergency contact persons and provide this information to FINRA via electronic process.

Critical Elements

There are 10 critical elements of a BCP specified in FINRA Rule 4370. FINRA requires a Firm to address only the elements applicable to its business, but document why a specific element was not included in the Firm’s Plan.

1. Data back-up and recovery (hard copy and electronic);2. All mission critical systems;3. Financial and operational assessments;4. Alternate communications between customers and the member;5. Alternate communications between the member and its employees;6. Alternate physical location of employees;7. Critical business constituent, bank, and counter-party impact; 8. Regulatory reporting; 9. Communications with regulators; and 10. How the firm will assure customers’ prompt access to their funds and securities in the event that

the member determines that it is unable to continue its business.

Emergency Contact Persons

Pursuant to FINRA Rule 4370, Colonial Securities, Inc. (“CSI” or “the Firm”) designates the following two members of senior management, who are also registered principals as the firm’s emergency contacts:

1. David Wong, VP/CCO: phone number: (212) 807-8880; cell phone: (917) 838-8368; email address: david.wong@colonialsecurities.com

2. Yee Yee Wong, President: (718) 746-0383; cell phone: (917) 903-0222; email address: yee.wong@colonialsecurities.com

CSI will update the above information in the event of a material change, and the Firm’s Chief Compliance Officer will review them within 17 business days of the end of each calendar year. In addition, this information is provided to FINRA, reviewed and updated as necessary via FINRA’s Contact Management System. The Firm’s Chief Compliance Officer or his/her designee will promptly notify FINRA of any change in this information through FCS (but no later than 30 days following the change.)

Rule: FINRA Rule 4370(f); NASD Rule 1160.

4November 2015

Firm Policy

Colonial Securities Inc.’s policy is to respond to a Significant Business Disruption (SBD) by safeguarding employees’ lives and firm property, making a financial and operational assessment, quickly recovering and resuming operations, protecting all of the Firm’s books and records, and allowing clients to transact business.

Types of Significant Business Disruptions (SBDs)

CSI’s Business Continuity Plan anticipates two kinds of Significant Business Disruptions (SBDs), internal and external. Internal SBDs affect only the Firm’s ability to communicate and do business, such as a fire in the Firm’s building. External SBDs prevent the operation of the securities markets or a number of firms, such as a terrorist attack, a city flood, or a wide-scale, regional disruption. The Firm’s response to an external SBD relies more heavily on other organizations and systems, including the Firm’s clearing firm.

Approval and Execution Authority

The Firm’s President, a registered principal, is responsible for approving the plan and for conducting the required annual review. The Firm’s Chief Compliance Officer has the authority to execute this Business Continuity Plan.

Plan Location and Access

The Firm will maintain copies of its Business Continuity Plan, the annual reviews, and the changes that have been made to it for inspection. All documentation pertaining to the Firm’s Business Continuity Plan will be maintained at the Firm’s main office. In addition, the Firm maintains an electronic copy of its Plan which can be found at: http://home.mindspring.com/-colonialsecruties in the BCP - Business Continuity Plan tab and in the BCP link.

Rule: FINRA Rule 4370(b), (d) and (e).

Business Description

CSI conducts business in equities, options, mutual funds and fixed income securities. CSI is an introducing firm and does not perform any type of execution or clearing functions for itself or others. Furthermore, the Firm does not hold customer funds or securities. The Firm accepts and enters orders. All transactions are sent to the Firm’s clearing firm (Hilltop Securities, Inc.) which executes orders, compares them, allocates them, clears and settles them. The Firm’s clearing firm also maintains the Firm’s customers’ accounts, grants customers access to them, and delivers funds and securities. The Firm services only retail customers. In addition, the Firm does not engage in any private placements.

The Firm’s clearing firm is Hilltop Securities, Inc. and is located at 1201 Elm St, Suite 3500, Dallas, TX 75270.

5November 2015

Office Locations

Main Office: The Firm’s main office is located at 41 Elizabeth Street, Suite 403, New York, NY 10013. The Firm’s telephone number is (212) 964-6504. Firm employees may travel to that office by means of foot, car, subway, train, bus, boat, or plane. The Firm engages in order taking and entry at this location.

The Firm does not have any additional locations.

Alternative Physical Location(s) of Employees

In the event of a Significant Business Disruption, the Firm will move its staff from the affected office to the unaffected location. This location is reasonably distant from the Firm’s main office to reduce the chance that both will be affected by the same SBD, yet close enough so that relocation by car/public transportation is feasible. The address of the Firm’s Alternative Physical Location is: 65 W. 13 th Street, # 4i, New York, NY 10011.

In the event that a SBD incapacitates the Firm’s office, the first priority will be the safety of the Firm’s employees. If it is possible to salvage equipment and books and records in a safe manner, all of the key components of the office will be removed and transported to another location. In the event that everything in the office is destroyed or cannot be salvaged, the Firm’s IT Consultant will be responsible for obtaining the electronic back-up books and records for the office and transporting them to the non-effected location. Recovery and implementation of back up books and records will be less than 24 hours.

Rule: FINRA Rule 4370(c)(6).

Customers’ Access to Funds and Securities

The Firm does not maintain custody of customer funds or securities. The Firm’s clearing firm holds customer funds and safekeeps customer securities. In the event of an internal or external SBD, if telephone service is available, registered representatives will be available to take customer orders or instructions and contact the Firm’s clearing firm on their behalf. In addition, if the Firm’s website is available, the Firm will post instructions on how the Firm’s customers may access their funds and securities (through contacting the clearing firm directly). In addition, the Firm will provide this information to all customers at the time an account is opened.

If SIPC determines that the Firm is unable to meet its obligations to clients or if the Firm’s liabilities exceed its assets in violation of Securities Exchange Act Rule 15c3-1, SIPC may seek to appoint a trustee to disburse the Firm’s assets. The Firm will assist SIPC and the trustee by providing its books and records identifying customer accounts subject to SIPC regulation.

Rules: FINRA Rule 4370(a); Securities Exchange Act Rule 15c3-1; see also 15 U.S.C. § 78eee.

Data Back-Up and Recovery (Hard Copy and Electronic)6

November 2015

It is possible that an SBD may result in the destruction of the Firm’s primary books and records. Therefore, the Firm has implemented a system of electronically backing up such books and records including off-site storage of the back-ups.

Under the supervision of the Firm’s Chief Compliance Officer or his/her designee, the Firm maintains its primary hard copy books and records and its electronic records at its main office which is located at 41 Elizabeth Street, Suite 403, New York, NY 10013. Examples of such documents maintained by the Firm and not transmitted to the Firm’s clearing firm include: order tickets, customer complaints, customer correspondence, Articles of Incorporation, Corporate Minutes, company stock certificates, personnel and registration records.

Under the supervision of the Firm’s Chief Compliance Officer or his/her designee, the Firm maintains its back-up hard copy books and records at Storage Post located at 30-28 Starr Avenue, Long Island City, NY, 11101. These records may be in paper, microfilm, or CD/DVD format. The Firm backs up its paper records by scanning and/or copying and moving them to the back-up site. The Firm backs up its records on a daily basis.

The Firm’s electronic records are backed up daily by the Firm’s clearing firm. The Firm does maintain a copy of the clearing firm’s BCP and Disaster Recovery Plan for reference.

In the event of an internal or external SBD that causes the loss of its paper records, the Firm will physically recover them through all third party vendors (Storage Post, Hilltop) and via external storage devices such as hard drives, flash memory devices, and CD/DVDs. If the Firm’s primary site is inoperable, the Firm will continue operations by telecommunications with all Firm employees and registered representatives working from their primary residences. For the loss of electronic records, the Firm will either physically recover the storage media or electronically recover data from its back-up site, or, if the Firm’s primary site is inoperable, the Firm will continue operations from an alternate location.

All back-up locations will be distant enough from the Firm’s office to reduce the chance that they will be affected by the same SBD, yet close enough to access quickly if the back-up books and records become an immediate necessity. In the event that the Firm’s digital back-up books and records are needed, the Firm’s IT Consultant will be responsible for obtaining them and electronically transferring or physically transporting the backup storage media back to the applicable office.

Rule: FINRA Rule 4370(c)(1).

Financial and Operational Assessments

FINRA defines “financial and operational assessments” as “a set of written procedures that allows a member to identify changes in its operational, financial, and credit risk exposures”. As demonstrated in the events of September 11, 2001, a SBD of great enough severity can expose a firm to several risk factors that can potentially put the firm out of business or cause financial harm to its clients. It is important, in the face of an SBD, for the Firm to manage the risks that are specific to its business and take whatever steps possible to assure the least amount of impact on its clients.

Operational Risk

In the event of an SBD, the Firm will immediately identify what means will permit the Firm to communicate with its customers, employees, critical business constituents, critical banks, critical counter-parties and regulators. Although the effects of an SBD will determine the means of alternative communication, the communications options the Firm will employ will include its website,

7November 2015

cell phones, cell phone voice mail, secure mail, walk-in to backup site, etc. In addition, the Firm will retrieve its key activity records.

Rules: FINRA Rules 4370(c)(3),(c)(4), (c)(5), (c)(7), (c)(9) & (g)(2).

Financial and Credit Risk

Financial risk involves the firm’s ability to fund operations and maintain adequate financing and sufficient capital. The firm also may face credit risk (where its investments may erode from the lack of liquidity in the broader market), which would also hinder the ability of the firm’s counterparties to fulfill their obligations.

In the event of an SBD, the Firm will determine the value and liquidity of its investments and other assets to evaluate its ability to continue to fund operations and remain in capital compliance. The Firm will contact its clearing firm, critical banks and investors to apprise them of its financial status. If the Firm determines that it may be unable to meet its obligations to those counter-parties or otherwise continue to fund its operations, the Firm will request additional financing from its bank or other credit sources to fulfill its obligations to its customers. If the Firm cannot remedy a capital deficiency, it will file appropriate notices with its regulators and immediately take appropriate steps, including depositing of personal funds to meet net capital and liquidity requirements.

Rules: FINRA Rules 4370(c)(3), (c)(8) & (g)(2).

Mission Critical Systems

The Firm has devised a plan that will allow it to manage a system outage in any of its mission-critical systems. FINRA defines a “mission-critical system” as “any system that is necessary, depending on the nature of the member’s business, to ensure prompt and accurate order processing of securities transactions, including but not limited to, order taking, entry, execution, comparison, allocation, clearance and settlement of securities transactions, the maintenance of customer accounts, access to customer accounts, and the delivery of funds and securities”. The Firm expands that definition to include all of the systems on which the Firm relies for its regular, uninterrupted business operations.

Computer Systems: ● Hardware and Service Descriptions ● Computer hardware is manufactured by Dell and Hewlett Packard (HP). ● Printers, copiers, and faxes are manufactured by Hewlett Packard, Canon and Toshiba. ● All PCs/laptops will run Microsoft XP, Service Pack 3, Windows 7 and Windows 8. ● There are no minimum performance specifications for the firms PCs/Laptops.

● File/Print Services will be provided by Microsoft Windows operating system. These services are responsible for the centralized storage of all user files and sharing of all printers.

● Email/Groupware services will be provided by Global Relay. This service is responsible for providing email for both individual and company-wide use and archival.

● Centralized Antivirus Protection will be provided by Microsoft Security Essentials. This software is installed on each personal computer connected to the network.

● Firewall will be provided by Microsoft Security Essentials on each person computer. The Fortinet Router has built in Firewall, Antivirus and D.O.S.

Anti-Malware will be provided by Malwarebytes on certain computers.

Back-Up Capabilities:

8November 2015

● On-site file servers contain RAID 5 arrays enabling immediate disk failover and rebuild capabilities in the event of a hard drive failure.

● On-Site Network data is backed up using Synology NAS. ● The back-up media will be physically stored off-site.

Log-In: ● Server login will be password protected. ● Client PC/laptop access will be password protected. ● Desktop computers will be logged off each evening. Remote Access: ● Avaya telephone system utilizing T1 technologies with POTS line backup. ● All principals, officers and most employees will carry cell phones. ● Email will be captured and archived by Global Relay

In the event of a SBD that renders the computer system useless, the Firm will obtain new computer equipment. This process is expected to take 24 to 48 hours.

The Firm’s “mission critical systems” are those that ensure prompt and accurate processing of securities transactions, including order taking, entry, execution, comparison, allocation, clearance and settlement of securities transactions, the maintenance of customer accounts, access to customer accounts and the delivery of funds and securities.

The Firm has a primary responsibility for establishing and maintaining its business relationships with its customers and has sole responsibility for its mission critical functions of order taking and entry. The Firm’s clearing firm provides, through contract, the execution, comparison, allocation, clearance and settlement of securities transactions, maintenance of customer accounts, access to customer accounts and the delivery of funds and securities.

The Firm’s clearing firm contract provides that the clearing firm will maintain a business continuity plan and the capacity to execute that plan. The Firm’s clearing firm represents that it will advise the Firm of any material changes to its plan that might affect the Firm’s ability to maintain its business. The Firm’s clearing firm has presented the Firm with an executive summary of its plan, which is included as part of the Firm’s BCP. In the event the Firm’s clearing firm executes its plan, it represents that it will notify the Firm of such execution and provide the Firm equal access to services as its other customers. If the Firm reasonably determines that its clearing firm has not or cannot put its plan in place quickly enough to meet the Firm’s needs, or is otherwise unable to provide access to such services, the Firm’s clearing firm represents that it will assist the Firm in seeking services from an alternative source.

The Firm’s clearing firm represents that it backs up the Firm’s records at a out of region site. The Firm’s clearing firm represents that it operates a back-up operating facility in a geographically separate area with the capability to conduct the same volume of business as its primary site. The Firm’s clearing firm has also confirmed the effectiveness of its back-up arrangements to recover from a wide scale disruption by testing and it has confirmed that it tests its back-up arrangements every quarter.

Recovery-time objectives provide concrete goals to plan for and test against. They are not, however, hard and fast deadlines that must be met in every emergency situation, and various external factors surrounding a disruption, such as time of day, scope of disruption and status of critical infrastructure—particularly telecommunications—can affect actual recovery times. Recovery refers to the restoration of clearing and settlement activities after a wide-scale disruption; resumption refers to the capacity to accept and process new transactions and payments after a wide-scale disruption. The Firm’s clearing firm has the following SBD recovery time and resumption objectives: recovery time period of within 4 hours; and resumption time of within the same business day.

The Firm’s Chief Compliance Officer or his/her designee will periodically review its clearing firm’s capabilities to perform the mission critical functions the clearing firm has contracted to perform for the

9November 2015

Firm. In addition, the Firm’s clearing firm represents that the clearing firm may take orders, execute orders, settle orders, receive and disburse funds and securities on behalf of the Firm if the Firm cannot do so itself.

The Firm’s Mission Critical Systems

Order Taking

Currently, the Firm receives orders from customers via telephone and in person visits by the customer. During an SBD, either internal or external, the Firm will continue to take orders through any of these methods that are available and reliable, and in addition, as communications permit, the Firm will inform its customers when communications become available to tell them what alternatives they have to send their orders to the Firm. Customers will be informed of alternatives by email, fax, telephone or whatever means are available to the Firm. If necessary, during an internal SBD, the Firm may need to instruct its customers to place orders directly with the Firm’s clearing firm, by calling the Trading Help Desk at (214) 859-1080.

Order Entry

Currently, the Firm enters orders by recording them on paper and sending them to the Firm’s clearing firm electronically or telephonically.

In the event of an internal SBD, the Firm will enter and send records to the Firm’s clearing firm by the fastest alternative means available, which include email, phone, fax or any other method that is available for the Firm to use. In the event of an external SBD, the Firm will maintain the order in electronic or paper format, and deliver the order to the clearing firm by the fastest means available when it resumes operations. In addition, during an internal SBD, the Firm may need to refer its customers to deal directly with the Firm’s clearing firm for order entry.

Order Execution

Currently the Firm does not execute orders. All orders received by the Firm are transmitted to the Firm’s clearing firm, via wire or phone for execution by the clearing firm. The Firm’s clearing firm, under contract, provides for the execution, comparison, allocation, clearance and settlement of all securities transactions received by the clearing firm on behalf of the Firm and its customers.

Other Services Currently Provided to Customers

Under Contract, the Firm’s clearing firm also provides the following services: the maintenance of customer accounts, access to customer accounts, the delivery of customer funds and/or securities, and the safekeeping of customer funds and/or securities.

Mission Critical Systems Provided by the Firm’s Clearing Firm

10November 2015

The Firm relies, by contract, on its clearing firm to provide order execution, order comparison, order allocation, the maintenance of customer accounts, access to customer accounts, the delivery of customer funds and/or securities, and the safekeeping of customer funds and/or securities.

Rules: FINRA Rules 4370(c)(3), (c)(8) & (g)(2).

Alternate Communications Between the Firm and Customers, Employees, and Regulators

Customers

The Firm now communicates with its customers using telephone, fax, U.S. mail and in-person visits at the Firm. In the event of an SBD, the Firm will assess which means of communication are still available to it, and use the means closest in speed and form (written or oral) to the means that the Firm has used in the past to communicate with the other party. For example, if we have communicated with a party by email but the Internet is unavailable, the Firm will call the party on the telephone and follow up where a record is needed with paper copy in the U.S. mail.

Rule: FINRA Rule 4370(c)(4).

Employees

The Firm now communicates with its employees using telephone and in person. In the event of an SBD, the Firm will assess which means of communication are still available to it, and use the means closest in speed and form (written or oral) to the means that it has used in the past to communicate with the other party. The Firm will also employ a call tree so that senior management can reach all employees quickly during an SBD. The call tree includes all staff home and office phone numbers. The Firm has identified persons, noted below, who live near each other and may reach each other in person:

The person to invoke use of the call tree is the Firm’s Chief Compliance Officer or his/her designee.

Caller Call RecipientsDavid Wong Yee Wong, Richard Wong, Judy Lim, Vivian

Fung, David LeeYee Wong Kin Huang, Victor Lim, Richard Wong, Judy Lim Vivian Fung, David Lee, Carlos FigueroaRichard Wong Yee Wong, Phillip Huang, Victor Lim, Ken Hui

Rule: FINRA Rule 4370(c)(5).

Regulators

The Firm is currently a member of the following self-regulatory organizations (SROs) – FINRA. The Firm is also regulated by FINRA, the Securities and Exchange Commission (SEC), and various state securities regulators. The Firm communicates with its regulators using telephone, email, fax, U.S. mail, and in person. In the event of an SBD, the Firm will assess which means of communication that are still available to it, and use the means closest in speed and form (written or oral) to the means that it has used in the past to communicate with the other party.

11November 2015

The following is information that may be vital in dealing with the firm’s regulators in the event of an SBD:Firm Information:

Colonial Securities, Inc. CRD Number: 3013FINRA District 10 – New York: Telephone Number: (212) 858-4000

Fax Number: (212) 858-4189FINRA – Washington: Telephone Number: (301) 590-6500SIPC: Telephone Number: (202) 371-8000

Fax Number: (202) 371-6728SEC – Market Regulation Telephone Number: (202) 942-0069

Rule: FINRA Rule 4370(c)(9).

Critical Business Constituents, Banks, and Counter-Parties

Business Constituents

The Firm has contacted its critical business constituents (businesses with which the Firm has an ongoing commercial relationship in support of its operating activities, such as vendors providing critical services), and determined the extent to which the Firm can continue its business relationship with them in light of the internal or external SBD. The Firm will quickly establish alternative arrangements if a business constituent can no longer provide the needed goods or services because of a SBD to them or the Firm. The Firm has entered into a supplemental contract with certain critical business constituents to provide such services. The alternative suppliers are disclosed as an appendix to this BCP.

Rules: FINRA Rule 4370(c)(7).

Banks

The Firm has contacted its banks and lenders to determine if they can continue to provide the financing that the Firm will need in light of the internal or external SBD. The bank maintaining the Firm’s operating accounts are:

United Orient Bank Citibank, NA10 Chatham Square 2 Mott StreetNew York, NY 10038 New York, NY 10013Contact: Raymond Lee Contact: Fanny WuPhone Number: (212) 349-1100 Phone Number: (212) 240-8277

The bank maintaining the Firm’s Proprietary Account of Introducing Brokers/Dealers (PAIB account) is:

Hilltop Securities, Inc.1201 Elm St, Suite 3500Dallas, TX 75270Contact: Stephaine OttoPhone Number: (214) 859-6624

If the Firm’s banks and/or other lenders are unable to provide the financing, the Firm shall seek alternative financing immediately from David Wong, 65 W. 13th Street, #4i, New York, NY 10011.

12November 2015

Rules: FINRA Rule 4370(c)(7).

Counter-Parties

The Firm has contacted its critical counterparties, such as other broker-dealers, mutual fund companies and institutional customers, to determine if the Firm would be able to carry out its transactions with them in light of the internal or external SBD. Where the transactions cannot be completed, the Firm will work with its clearing firm or contact those counterparties directly to make alternative arrangements to complete those transactions as soon as possible.

Rules: FINRA Rule 4370(c)(7).

Regulatory Reporting

The Firm is subject to regulation by: FINRA, the Securities and Exchange Commission, and various state securities regulators. The Firm now files reports with its regulators using paper copies in the U.S. mail, and electronically using fax, email and the Internet. In the event of an SBD, the Firm will check with the SEC, FINRA and other regulators to determine which means of filing are still available to the Firm, and use the means closest in speed and form (written or oral) to the Firm’s previous filing method. In the event that the Firm cannot contact its regulators, the Firm will continue to file required reports using the communication means available to it.

Regulator Address Phone Number Contact PersonSecurities and Exchange Commission

Northeast Regional Office233 BroadwayNew York, NY 10279

(646) 428-1500email: newyork@sec.gov

n/a

FINRA – New York District Office (#10)

One World Financial Center9th FloorNew York, NY 10281

(212) 858-4304(212) 858-4366 (fax)

Yana Martova

FINRA – Washington DC

1735 K Street, NW., Washington, DC 20006

202-728-8000 n/a

SIPC (202) 371-8000(202) 371-6728 (fax)

n/a

Report Method of FilingFOCUS Reports Via internet through Web-FOCUS SystemFinancial Statements to Regulators Via Facsimile or InternetOATS Clearing FirmACT Clearing FirmTRACE Clearing FirmMSRB Clearing Firm

Rule: FINRA Rule 4370(c)(8).

Disclosure of Business Continuity Plan

13November 2015

The Firm will disclose in writing a summary of its BCP to customers at account opening and with an annual insert. The Firm will also post the summary on its website and mail to a customer upon request. The Firm’s summary addresses the possibility of a future SBD, both internal and external and how the Firm plans to respond to those events. This will include contact names, telephone numbers and locations for customers in case of any SBD. The Firm’s disclosure provides customers with instructions on how customers can access their accounts, funds, securities, and how to place orders. In addition, the Firm’s BCP disclosure will provide information related to the existence of back-up facilities, SBD arrangements and a summary of the Firm’s clearing firm’s BCP and mission critical systems. The Firm’s BCP is subject to modification. An updated summary will be promptly posted to the Firm’s website and customers may alternatively obtain updated summaries by requesting a written copy by mail.

Rule: FINRA Rule 4370(e).

Updates and Annual Review

The Firm will update this plan whenever the Firm has a material change to its operations, structure, business or location or to those of the Firm’s clearing firm. In addition, the Firm will review this BCP annually, to modify it for any changes in its operations, structure, business or location or those of its clearing firm.

Rule: FINRA Rule 4370(b).

14November 2015

Senior Manager Approval

I have approved this Business Continuity Plan as reasonably designed to enable the Firm to meet its obligations to customers in the event of a Significant Business Disruption.

Rule: FINRA Rule 4370(d).

Signed:

Title:

Date:

15November 2015

Appendix 1: Business Continuity Planning – Disclosure

Colonial Securities, Inc.Business Continuity Plan

We have developed a Business Continuity Plan on how we will respond to events that significantly disrupt our business. Since the timing and impact of disasters and disruptions is unpredictable, we will have to be flexible in responding to actual events as they occur. With that in mind, we are providing you with this information on our business continuity plan.

Contacting Us – If after a significant business disruption you cannot contact us as you usually do at (212) 964-6504, you may call our alternative emergency number (917) 838-8368. Please do not call our alternative number unless you truly believe that our business has been interrupted. If you cannot access us through either of those means, you may call our clearing firm, Hilltop Securities directly. You will be able to enter transactions through them and have access to your funds and securities. The contact information will be updated on our website, http://www.colonialsecurities.com.

Our Business Continuity Plan – We plan to quickly recover and resume business operations after a significant business disruption and respond by first safeguarding our employees and then safeguarding our property, making a financial and operational assessment, protecting the firm’s books and records, and allowing our customers to transact business. In short, our business continuity plan is designed to permit our firm to resume operations as quickly as possible, given the scope and severity of the significant business disruption.

Our business continuity addresses: data backup and recovery; mission critical systems; financial and operational assessments; alternative communications with customers, employees, our clearing firm and regulators; alternate physical locations of employees; critical supplier, contractor, bank and counter-party impact, if any; regulatory reporting; and assuring our customers prompt access to their funds and securities if we are unable to continue our business.

While every emergency situation poses unique problems based on external factors, such as time of day and the severity of the disruption, our clearing firm is also required to have, and has, a plan to restore its own operations, be able to complete existing transactions and accept new transactions and payments promptly. Your orders and requests for funds and securities could be delayed during this period.

Varying Disruptions – Significant business disruptions can vary in their scope, such as only our firm, a single building housing our firm, the business district where our firm is located, the city where we are located or the whole region. Within each of these areas, the severity of the disruption can also vary from minimal to severe. In a disruption to only our firm or a building housing our firm, we will transfer our operations to a local site when needed and expect to recover and resume business as quickly as possible. In a disruption affecting our business district, city, or region, we would probably transfer our operations to a site outside the affected area, and recover and resume business promptly. In either situation, we plan to continue in business, transfer operations to our clearing firm if necessary, and notify you how to contact us. If the significant business disruption is so severe that it prevents us from remaining in business, our customers will be able to access their funds and securities by simply contacting our clearing firm.

For more information – If you have any questions about our business continuity planning, feel free to call us.

16November 2015

Appendix 2: Key Contact List

Person Area of ResponsibilityYee Yee Wong CEO/President/FINOPDavid Wong Chief Compliance Officer

17November 2015

Appendix 3: Books and Records List

Introducing or Clearing Broker/Dealer Records Hard Copy Electronic N/ATrade (a.k.a Purchase and Sales) Blotter XCash Received/Forward Blotter X XChecks Received/Forwarded Blotter X XSecurities Received/Delivered Blotter X XSecurities Borrowed and Securities Loaned Ledger XMonies Borrowed and Loaned (together with a record of the collateral and any substitutions in such collateral) Ledger

X

Securities Failed to Receive and Failed to Deliver Ledger XLong and Short Securities Differences Ledger XRepurchase and Reverse Repurchase Agreement Ledger XLong and Short Position Ledger XProprietary Order Tickets or other record of buy/sell instructions (executed or not)

X X

Customer Order Tickets or other record of buy/sell instructions (executed or not)

X X

Confirmations of Customer Transactions XCash / Margin Requirements XOption Positions XLost or Stolen Securities Records X XRecords for “Internal B/D System” Customer Access XClient Cash and Margin Account Ledgers XFirm Cash and Margin Account Ledgers XSecurities in Transfer Ledger XAdvertising/ Sales Literature Pieces XRadio Broadcast Transcripts XAudio/Video Tape Transcripts and Copies XNewspaper Copy XInternal and Public Communications Sent/Received (Email) XInternal and Public Communications Sent/Received (Instant Messaging)

X

Internal and Public Communications Sent/Received (Hard Copies)

X

Customer Account Information (New Account Records) X XDividends and Interest Ledger XOATS Files XSEC Rule 11Ac1-5 Market Maker Order Routing Records XSEC Rule 11Ac1-6 Order Routing Venue Records XTRACE Participation Agreements XTRACE Submission Files (if prepared and reported/transmitted internally)

X

Engagement LettersClient Relationship/New Account Information X XDue Diligence Documents (support for due diligence process)

X X

Purchase Agreements XEscrow Agreements XConfidentiality Agreements XPrivate Placement Memoranda XSubscription Agreements X

18November 2015

Financial Records Hard Copy Electronic N/ABank Statements XBrokerage Statements XClearing Account Statements: Deposit Account XClearing Account Statements: Error Account XClearing Account Statements: Commission Account XClearing Account Statements: 12b-1 Account XClearing Account Statements: Trading/Inventory Account XClearing Account Statements: Average Price Account XClearing Account Statements: Sundry Account XClearing Account Statements: Summary Report (showing gross commissions for OTC, listed, mutual funds, etc)

X X

Clearing Account Statements: Settlement Statements X XCheck Register XCopies of All Checks Written on all Accounts XAccount Reconciliations of all Accounts (Bank, Brokerage, and Clearing)

X X

Balance Sheet X XIncome Statement X XNet Capital Computation X XChart of Accounts X XGeneral Ledger X XGeneral Journal X XTrial Balance X XCash Disbursement Journal X XCash Receipts Journal XPayroll Files X XAnnual Audit Information X XBills Received and Paid (Vendors) X X

Company Records Hard Copy Electronic N/AOperating Agreement (if LLC) XArticles of Organization (if LLC) XArticles of Incorporation (if Corporation) XBy-Laws (if Corporation) XCompany Minutes XPartnership Agreement (if Partnership of LLP) XForm BD X XSIPC Registration Records XFidelity Bond Records XLease and Sublease Agreements XErrors and Omissions Insurance XDirectors and Officers Insurance XSurety Bond XHealth Insurance X

19November 2015

Employee Records Hard Copy Electronic N/AForm U4s X XForm U5s X XAssociated Persons Compensation Records XAssociated Persons Location and Identification Number Records

X

Investigation of Prior Employment XCredit Report/Background Check XNon-Registered Persons Employment Records XAssociated Persons’ Fingerprint Records X

20November 2015

Appendix 4: Backup Facilities List

Location FunctionRegistered Representatives Primary Residence Individual Employee Back Up Facilities

21November 2015

Appendix 5: Key Systems List

System/Application OperationsMicrosoft Live / Microsoft Outlook EmailMicrosoft Word Word ProcessingMicrosoft Excel Spreadsheets Microsoft Powerpoint PresentationsMicrosoft Security Essentials Virus ProtectionSWST Brokerview Clearing Back Office/Order Entry/Account AccessGlobal Relay Email ArchivingVisioneer Paperport Scanning SystemDLI Call Investigator Phone Recording System

22November 2015

Appendix 6: Business Constituents

Service Provider’s Name

Service Provider’s Address

Service Provider’s Phone Number

Product/Service Alternative Supplier’s

NameHilltop Securities, Inc.

1201 Elm St, Suite 3500Dallas, TX 75270

(214) 859-6624 Clearing Services – Relationship Manager: Stephanie Otto

Hilltop Securities, Inc.

(212) 859-1800 Main Number

QUODD Financial (866) 537-5518 Market Data Provider

Theodore Liftman Insurance, Inc.

101 Federal Street, 22nd Floor, Boston, MA 02100

(617) 439-9595 Fidelity Bond None

Wong and Company

57 W. 38th Street, 12th Floor, New York, NY 10019

(212) 840-6123 Tony Wong

Accountant

Compliance Solutions Group, LLC

P. O. Box 65367Philadelphia, PA 19155

(215) 620-6250 Compliance Services

None

Verizon Online (888) 649-9500 Internet Service Provider

Storage Post 30-28 Starr Avenue, Long Island City, NY 11101

(718) 937-2270 Document Storage

Global Relay Communications Inc.

220 Cambie Street, 2nd FloorVancouver, BC V6B 2M0

(866) 484-6630(604) 608-2941 (fax)

Email Archival/Compliance Review

MegaPath 6800 Koll Center Parkway, Suite 200, Pleasanton, CA 94566

(877) 611-6342 Telephone Service

Time Warner Business

41-61 Kissena Blvd. Flushing, NY 11355

(877) 227-8711 Internet Service Provider

23November 2015

Appendix 7: Email Archiving Business Continuity Plan

24November 2015

Appendix 8: Clearing Firm Business Continuity Plan

25November 2015