- assuring an ethical response to customers,
- complying with BCP regulations, and
- avoiding E&O insurance liabilities due to a botched BCP activation.
“Although most advisors focus on the compliance aspects of disaster planning, they should never forget the ethical implications of their actions in a time of crisis,” said Japheth Smellie, chief operating officer of EOforLess, as well as executive director of its sponsor, the National Ethics Association. “This means not only focusing on getting their business back online as quickly as possible, but also on being there for their clients as fellow human beings affected by the same tragedy.” For instance, after Hurricane Harvey, Houston-area advisors who shared their experiences with the media spoke of reaching out to clients to make sure they were safe . . . and of clients responding in kind. Advisors also got personally involved in neighborhood rescue efforts after torrential rains drowned America’s sixth largest city. They also wanted to make sure their customers knew they would be available to render financial assistance when they needed help. A related ethical concept is fiduciary duty. Once they activate their BCP after a crisis, insurance- and securities-licensed professionals should adopt a fiduciary mindset toward their clients—i.e., taking appropriate steps to protect their assets and interests. Although they are not legally required to do this as legal fiduciaries (because they aren’t regulated as such), it makes good business sense to adopt a fiduciary-like posture with clients at this time. However, state- and federally-registered investment advisors are held to a strict fiduciary standard, especially in the aftermath of a natural disaster or other disruption. It’s not only an ethical duty, but also a legal one to exhibit loyalty and prudent care to clients in times of need. The second business challenge is to comply with all BCP regulations affecting insurance agents and agencies, securities brokers, and registered investment advisors (RIAs). Reflecting the financial-services industry’s patchwork regulations, the nature of financial professionals’ BCPs depend on how they’re licensed, although there are broad similarities across license types. Federally-supervised RIAs (those with assets under management of $100 million or more) are subject to the 2004 Investment Advisors Act Rule 206(4)-7. This rule required RIAs to formally adopt written compliance procedures as well as to appoint a chief compliance officer to oversee those procedures, one of which was to develop a BCP in the event of a natural disaster or death of a firm principal or key staffer. However, in June 2016, the Securities and Exchange Commission proposed a new measure (Rule 206(4)-4). It explicitly requires federal RIAs to have a formal, written BCP and transition plan to make sure they can deliver on their fiduciary duties during and after a crisis. In fact, the final rule, which is expected in April 2018, will make it illegal to provide investment advice unless a firm has a written BCP that is reviewed at least annually. It may even hold advisors liable for fraud if they operate without one. State-regulated RIAs (those with assets under management of less than $100 million) must comply with the BCP rules of their state securities administrator. The North American Securities Administrators Association (NASAA) adopted a model rule on Business Continuity and Success Planning in April 2015, which mandates that advisors provide for the following:
- The protection, backup, and recovery of books and records.
- Alternative means of communications with customers, key personnel, employees, vendors, service providers, and regulators.
- Office relocation in the event of temporary or permanent loss of a principal place of business.
- Reassignment of duties to a qualified staffer in the event of the death or unavailability of key personnel.
- Prevention of service disruptions and client harm that could result from a sudden significant business interruption.
The NASAA model rule is now effective in Colorado, Illinois, Iowa, Nebraska, Pennsylvania, Vermont, and Virginia, with the state of Washington having its own rule. More states are expected to enact the rule over time. For their part, securities licensed professionals must comply with the Financial Industry Regulatory Authority’s (FINRA) Emergency Preparedness Rule (Rule 4370), which is similar to the SEC rule without the fiduciary overlay. It also requires brokers to provide their BCPs to customers at account opening, as well as post it on their website and mail it to customers upon request. Life, health, and P&C insurance agents, unlike investment advisors and securities brokers, don’t have an SEC- or FINRA-type national BCP protocol. However, they are subject to state insurance department rules. This does not mean they can skimp on developing a continuity plan, since their ability to survive a business disruption hinges on the quality of their BCP and their ability to deploy it seamlessly. The third challenge—the need to minimize E&O insurance liabilities—is especially acute for financial professionals who provide the types of services that would be in high demand during a catastrophe. For example, after a hurricane, P&C agents who have sold local residents homeowner’s insurance will need to be back online quickly to help answer client questions about their coverages and to help them file claims if needed. Similarly, clients with an emergency need to generate cash through a securities sale may need to speak with their broker or RIA. If that entity is offline for a lengthy period and no other service contact is available, consumers seeking help may become annoyed, at the very least, or suffer a financial loss, which might spark an E&O insurance claim later on. Having a hardened BCP in place will assure that financial professionals will have the ability to receive and act upon client requests in the immediate aftermath of a disaster. Given these three imperatives—ethical, compliance, and E&O liability—and the mounting threat of extreme weather, what should professionals do to strengthen their existing BCPs? EOforLess and the National Ethics Association suggest the following steps:
- Update the BCP’s threat assessment to make sure it takes all relevant risks into account and adjusts potential severity as needed.
- Evaluate the BCP’s chain of command to assure there are no missing communication links, which might leave key staff people uninformed.
- Focus on safety so that the BCP does a good job of keeping client assets, information, and other interests protected.
- Test the BCP regularly so that everyone in the company knows their role and can perform it like clockwork even from an offsite location.
For more information on business continuity plans for financial professionals, click here to view EOforLess’ BCP resource list. For more information on E&O insurance for life, health, and P&C insurance agents; for RIAs; and for real estate broker/owners, go here. EOforLess and its affiliated purchasing platform, EOforLess.com, are sponsored by the National Ethics Association, a trade group of financial professionals dedicated to helping its members build their businesses on a foundation of ethics, trust, and best practices.
Powered by WPeMatico