Financial Institution Contingency Plans for Service Provider and Third Party Services

1. Identify all the categories and sources of data input into the service provider’s systems by the thrift. Usually, these items are limited to branch and back-office online terminal input. Other items of input, such as automated teller machine (ATM) transactions, automated clearinghouse (ACH) transactions, and in-clearings ('on us' checks negotiated outside of the institution), are usually the responsibility of vendors that provide the respective processing services.

2. Describe the steps required to recover previously input data and prepare them for resubmission when requested by the service provider. (Institution management should realize that if the disaster takes place on a business day, online data entered on that day will not have been backed up offsite and will likely be lost.)

3. Identify the persons or teams responsible for executing the recovery steps.

4. Provide a management-approved time line showing key points, from the point of receipt of notification that the service provider has experienced a disaster to the completion of the preparation of input for resubmission

Bookmark/Search this post with: