DRJ's Spring 2019

Conference & Exhibit

Attend The #1 BC/DR Event!

Spring Journal

Volume 32, Issue 1

Full Contents Now Available!

The old saying 'two brains are better than one', holds true for the Financial Services Industry as multiple organizations come together to position themselves to manage through potential and real situations that could impact the industry and its members within. While unique for an industry to be so co-operative, the benefits to their clients continues to outweigh concerns.


Business Continuity Management is intended to minimize risk to an organization - be it employee safety, building structure including infrastructure stability, systems and data integrity, reputation confinement, financial positioning, product/service partnering or Client/Shareholder securement. The need to continue business is paramount. To ensure that an organization or businesses within can manage through a potentially damaging situation is integral to its survival and success. This article will provide you some insight in how a number of organizations within the Financial Services Industry pooled its resources to be prepared.

Setting the Stage

Business Continuity is a process consisting of two parts, Business Continuity Planning (BCP) and Crisis Management (CM). The number and structure of plans will vary by organization. Business Continuity Plans typically include mitigation and recovery strategies and tie into an overall Crisis Management approach. This strategy of Business Continuity readiness filtered into the Financial Institutions in the mid 1980's. It has evolved with many different names; Disaster Recovery, Business Recovery, Business Resumption, Business Contingency through Business Continuity and complimented with Crisis, Event or Transition Management to name a few. No matter the name, the underlining theme is to have plans developed and tested to sustain and/or pivot the organization back into business when a potential threat impedes a business.

Initially, Business Continuity was focused on technology and as such resided within the Operations or Computing side of organizations. As it evolved and the need for continuity within the business itself was realized, coupled with the importance of Risk Assessment, Business Continuity has migrated to the Risk Management area.

The Canadian Financial Industry

The Canadian Financial Services industry acknowledged early on the need for Business Continuity. Some of the key drivers behind this need was that the Financial Institutions (FIs) held the means of peoples livelihood. They were seen as leaders both locally and internationally in the market place, had regulatory requirements to meet, had to manage the corporate client demands, maintain the market share and last but not least, it made good business sense to be prepared. Most Business Continuity Professionals within the major Canadian FIs have attained certification either through the Business Continuity Institute (BCI) or Disaster Recovery Institute (DRI) or both. Each of these designations is a recognized international body with standards and codes of ethics, which the certified member is to comply with. Banks in Canada have incorporated BCM into their organizations.

In the late 1980's, the evolution of the Interbank Contingency Planning Committee (ICPC) was formed. The Business Continuity Groups from the Schedule I Banks came together to form a 'joint informational sharing environment and training ground'. This committee provides the means to share information for both developing business continuity as well as for managing through actual events. This has resulted in establishing a learning/growing environment for all involved.

Benefits from the formation of the ICPC include: joint generic training to multiple FIs business groups, education/training through information sharing, co-ordination of events for the Financial Industry such as Trauma Management and Securities Group discussion. The ICPC facilitates networking and professional development for Business Continuity Professionals in the Financial Services Industry.

The Ice Storm of '98, which affected Eastern Ontario, Quebec and the Atlantic Provinces, was a wake-up call for many Canadians, reinforcing the need for Business Continuity Management. The Financial Industry came together to support one another in the affected region. Cash was king! While the Banks have come together to provide services and support to their clients in a multitude of situations (fires, floods, etc.) prior to the Ice Storm, it was always on an informal basis in a co-operative manner.

Being an important component of 'essential services' challenged Financial Institutions, as they were not initially considered to be in this group. It is important to understand that not all financial services are essential. Initially, the ability to dispense cash is critical. As situations are prolonged, with personal and business financial demands increasing, the ability to raise credit limits and provide loans, etc. becomes more important. This can place added demands on employees who also may be impacted by the situation to juggle their own personal needs and those of a community. During the Ice Storm, Financial Institutions took the initiative and declared themselves 'essential' and eventually were acknowledged by the government.

Coming Together

With the onset of Year 2000, having weathered through a number of situations including the Ice Storm in 1998 and being declared an 'essential' service by the Canadian Government, the Financial Services industry, through representation by the Canadian Bankers Association (CBA), was invited to participate as a member of the Canadian Infrastructure Symposium. Other members of the Symposium included representations from the various utilities, civil authorities, military, and government (municipal, provincial and federal).

At the same time the Financial Services industry had requested the CBA to co-ordinate their year 2000 industry efforts including publicly representing the Industry as their designated spokesperson. Subsequently, the CBA Business Contingency Task Force (CBA-BCTF) was established to jointly address Year 2000 related events and potential threats to the Financial Services sector. The BCTF membership was comprised of Business Continuity Professionals from a number of the FIs, and who were also members of ICPC as well as the CBA Operations Group, Bank of Canada and INTERAC, an industry-wide service provider. As a number of the FIs have links to the securities business, they were also represented on the Ontario Securities Commission and Canadian Securities Association Task Force for Year 2000 initiatives.

While Financial Institutions in Canada have embraced Business Continuity Management and provide similar if not identical financial services, they were still challenged to overcome their cultural differences as each FI is unique and this extended to their BCM approach. However, all members realized the importance of a unified approach and the need for Crisis Management at an Industry level. A Command Centre was established for the Canadian Bankers Association leveraging off the command centres of the FIs; many of which were enhanced for the Year 2000 rollover period.

Benefiting from the experiences and co-operation of the ICPC, the Industry Crisis Management Process and Command Centre along with the FIs' Enterprise Command Centres were put to the test to ensure they would sustain the Financial Services Industry through any potential and/or real situations. The testing was pre-empted with education for all on the new process established. All member organizations had the opportunity to participate in two industry wide tests prior to the Year 2000 rollover. As this was a first for the Financial Services Industry, the initial test took place in Toronto at one site while the second test was virtual with all organizations participating from their own Enterprise Command Centre. As with any exercises, it provided immediate feedback and the process went through a series of refinement.

While the introduction of Year 2000 was non-eventful from an operations perspective, over 100 media related interviews were conducted in the 1st few days of 2000. As Financial Services are deemed to be essential and with Canada being one of the last countries to enter into the new millennium, the media were watching the Financial Institutions with heightened interest. The Crisis Management Process adopted for the rollover was successfully utilized from a communications perspective. The FIs and their business partners continued to keep each other informed of their verification activities prior to and following the first few days of business in the various jurisdictions they operate in globally.

Going Forward

We realized the need to align our informal pre-Year 2000 and Year 2000 processes for responding to situations early in the new year as we utilized both processes to respond to a weather situation in Atlantic Canada. At the same time, the CBA-BCTF was being stepped down, along with a number of other committees specifically put in place to address the introduction of Year 2000.

The Financial Institutions all acknowledge the need to continue with a formalized process to address potential situations and more importantly that it be practiced, and enhanced on a regular basis. As the ICPC group continues to meet on a regular basis they have assumed this responsibility for the Canadian Financial Services Industry. The ICPC has expanded its membership to include the CBA and non-Schedule I Financial Institutions that were members of the CBA-BCTF for Year 2000. The Industry continues to look to the CBA as their designated spokesperson. Should a situation arise, the CBA would activate their command centre, as would each of the Financial Institutions and their business partners.


While yes it is unique for an industry to be so co-operative, clearly the Canadian Financial Services Industry has experienced the positive impact it has on their clients and business partners. They continue to position themselves to be responsive to their clients to jointly address potential and /or real risks that may impact the Industry across Canada and in our many global jurisdictions.

Jay R. Grove, CBCP, CIBC - INTRIA-HP Co. is a Technical Specialist within Contingency Services of the Information Integrity & Security Services division of INTRIA-HP. He is a member of the Toronto Chapter of the Disaster Recovery Information Exchange (DRIE), and is a certified Facilitator. He has designed, facilitated and participated in a number of testing simulations consistent with business resumption planning. Carol Moffitt is a Senior Manager with the Bank of Montreal. Carol has her Business Continuity Management certification through the Business Continuity Institute and in addition to being a member is also on its Board of Directors and the contact for Canada.