|
|||||||
|
NASD
ENFORCEMENT FOCUS
Rule 3520 became effective on June 14, 2004 and requires all NASD members to provide the NASD with emergency contact information. Specifically, firms must give the NASD certain prescribed emergency contact information for two members of senior management. These senior managers should be principals of the firm. If a firm only has one principal then the second contact should be a registered representative of the firm. (Sole proprietors with no employees should provide the name of an accountant, lawyer, etc. as the second contact person.) This information must be kept current and its accuracy attested to at least quarterly. The contact information is to be communicated via the NASD's Contact System at http://www.nasd.com/stellent/idcplg?IdcService=SS_GET_PAGE&nodeId=375. New NASD Rule 3510 became effective on August 11, 2004 for clearing firms, and effective on September 10, 2004 for introducing firms. The new rule requires member firms to create and maintain a business continuity plan, and enumerates certain requirements that each plan must address. The Rule further requires members to update their business continuity plans upon any material change and, at a minimum, to conduct an annual review of their plans. A basic requirement of the rule is the requirement that each member also disclose to its customers how its business continuity plan addresses the possibility of a future significant business disruption, and how the member plans to respond to events of varying scope. In Notice to Members 04-37, the NASD announced that the rule is flexible and that BCPs should be tailored to the size and needs of each member. Nevertheless, 3510(c) lists ten elements that each plan is required to have, and to the extent that a member feels that an element is not applicable to its business it must document the rationale for the absence of the omitted element. The required elements, which are set forth in NTM 04-37, are: (1) Data back-up and recovery (hard copy and electronic); (2) All mission critical systems; (3) Financial and operational assessments; (4) Alternate communications between the member and its customers; (5) Alternate communications between the member and its employees; (6) Alternate physical location of employees; (7) Critical business constituent, bank, and counter-party impact; (8) Regulatory reporting; (9) Communications with regulators; and (10) How the member will assure customers' prompt access to their funds and securities in the event that the member determines that it is unable to continue its business.
Finally, much like the anti-money laundering requirement for procedures, the business continuity plan must be approved by a member of senior management, who must be a principal and be responsible for the annual review of the BCP. The NASD has dedicated a portion of its website to address Rule 3510. Materials that were available at this writing include: NTM 04-37; Frequently Asked Questions; a case study that poses questions to be addressed (but no answers) in a particular scenario; and a small firm template that is very generic. Customized Business Continuity
Plans are available now through MGL! Contact Michael R. Schaps,
Vice President or our Sales & Marketing Department today to
find out how MGL can help your firm meet these regulatory requirements.
|
|||||||
| Michael R. Schaps, Vice President Broker/Dealer Division 281-863-6116 |
|
|||||
| Published
and Copyright© 2002 MGL Consulting Corporation all rights reserved
and all of the releases provided are protected by copyright and other applicable laws, treaties, and conventions. All reproductions, other than for an individual user's reference, are prohibited without prior written consent. |
|
| Click here to Signup | |