· 公众号:业务连续性+

《关于增强美国金融体系韧性的稳健实践的跨机构文件》中文简译

写在前面 :越来越多的人们开始关注运营韧性。事实上,虽然该领域还在快速的发展中,但已经凝聚了一些共识。金融行业是最为关注运营韧性的行业之一,近几年来,多个发达国家/地区的金融监管机构和巴塞尔银行监管委员会陆续发布/修订了运营韧性(Operational Resilience)和业务连续性管理方面的正式文件。为让更多的专业人员和爱好者了解国际运营韧性领域的进展,学习并实践运营韧性的良好实践,在过去两年,我组织了两期公益翻译活动,翻译了巴塞尔银行监管委员会和英国金融监管机构的运营韧性相关资料,包括: 《运营韧性原则》中文简译 (巴塞尔银行监管委员会)(2021年11月23日) 《操作风险稳健管理原则修订》中文简译 (巴塞尔银行监管委员会)(2021年11月29日) 《运营韧性:重要业务服务的影响容忍度》中文简译 (英格兰银行、英国审慎监管局(PRA)和英国金融行为监管局(FCA)联合说明文件)(2022年11月26日) 《政策声明|PS6/21 – 运营韧性:重要业务服务的影响容忍度》中文简译 (英国审慎监管局(PRA)运营韧性政策声明)(2022年11月27日) 《PRA规则手册:CRR机构,Solvency II机构:运营韧性文书2021》中文简译 (英国审慎监管局(PRA)运营韧性政策声明附件1 — PRA规则手册运营韧性部分)(2022年11月28日) 《PRA监管声明|SS1/21 “运营韧性:重要业务服务的影响容忍度”》中文简译 (英国审慎监管局(PRA)运营韧性政策声明附件2 — PRA监管声明SS1/21)(2022年12月1日) 《PRA“运营韧性”政策说明》中文简译 (英国审慎监管局(PRA)运营韧性政策声明附件3 — 运营韧性政策说明)(2022年12月2日)

今年3月,我再次组织了一个公益翻译小组,对美国、爱尔兰、澳大利亚、新加坡和香港等地金融监管机构的运营韧性相关资料进行翻译。7月份前后,翻译小组成员陆续将翻译文稿发送给我,近期我会将这些资料审校完成,陆续在公众号发布。

以下是参与第三期运营韧性资料公益翻译小组的成员 (排名不分前后,按姓氏拼音排序): 高洋(ICBC,william.yang.gao@gmail.com) 江磊(深圳龙华,2014595@qq.com) 刘琪岳(北京) 刘宇(深圳,13316880733@189.cn) 刘元锋(北京农商银行总行,liuyf@bjrcb.com) 林喆(广州,674441632@qq.com) 马骏(埃森哲/大连,patrick.ma2018@outlook.com) 孙宁莉(深圳市韧安咨询服务有限公司,115947186@qq.com) 王舵(大连童安应急管理科技有限公司,prekids@163.com) 徐文静(DNV,wen.jing.xu@dnv.com) 薛春娟(浙江省舟山市,793571689@qq.com) 张锋(北京,zhangfeng76@wo.cn) 周可政(上海,wikikivv@gmail.com) 王曙(新常安科技,kevinwang@vip.sina.com

感谢公益翻译小组的各位专业人员抽出个人时间进行翻译工作。以下译文由我负责最终统一审校定稿,如译文中有任何不准确或理解错误的地方,都是由于我的原因造成,与诸位翻译人员无关。如对译文有意见或修改建议,请给我留言。

王曙(kevinwang) 2023.10.26

这份文件由美国金融监管机构(美国联邦储备委员会、货币监理署和美国证券交易委员会)于2003年4月8日发布,鉴于后911环境带来的新风险,就保护金融体系的必要措施向金融机构提供建议,原文见: https://www.federalreserve.gov/boarddocs/srletters/2003/SR0309a1.pdf

《关于增强美国金融体系韧性的稳健实践的跨机构文件》概述了已获得广泛行业共识的3个业务连续性目标,和聚焦于最大程度减少大规模扰断对关键金融市场系统性影响的稳健实践。稳健实践的重点是恢复和复原批发金融市场中重大未结交易的清算和结算活动所需的适当后备能力,不涉及贸易业务或零售金融服务的恢复和复原。稳健实践并未建议机构将其主要办公室、主要运营场所或主要数据中心迁出大都市位置,并且理解金融机构出于重要的业务和内部控制原因在金融市场及其总部附近维护处理场所。稳健实践也没有规定任何特定的技术解决方案,或限制机构以反映自身风险状况的方式实施稳健实践的灵活性。文件讨论的稳健实践补充了美国金融监管机构各自业务连续性规划的政策和其它指导意见。

联邦储备委员会(Board of Governors of the Federal Reserve System) 货币监理署(Office of the Comptroller of the Currency) 证券交易委员会(Securities and Exchange Commission)

关于增强美国金融体系韧性的稳健实践的跨机构文件 Interagency Paper on Sound Practices to Strengthen the Resilience of the U.S. Financial System

简介和背景(Introduction and Background)

美国联邦储备委员会、货币监理署和美国证券交易委员会(以下称“管理机构”)正在发布这份关于增强美国金融体系韧性的稳健实践的跨机构文件,鉴于后911环境带来的新风险,就保护金融体系的必要措施向金融机构提供建议。稳健实践建立在业务连续性规划的长期原则之上,并认真思考了倘若发生大规模扰断,由行业成员确定的、增强美国金融体系整体韧性的措施。 The Federal Reserve, the Office of the Comptroller of the Currency, and the Securities and Exchange Commission (the agencies) are issuing this Interagency Paper on Sound Practices to Strengthen the Resilience of the U. S. Financial System to advise financial institutions on steps necessary to protect the financial system in light of the new risks posed by the post-September 11 environment. The sound practices build upon longstanding principles of business continuity planning and reflect actions identified by industry members that will strengthen the overall resilience of the U.S. financial system in the event of a wide-scale disruption.

管理机构已经确定了广泛的行业共识,3个业务连续性目标在911之后对所有金融机构都特别重要。管理机构还确定了稳健实践,聚焦于最大程度减少大规模扰断对关键金融市场直接的系统性影响。稳健实践的重点是恢复和复原批发金融市场中重大未结交易的清算和结算活动所需的适当后备能力,不涉及贸易业务或零售金融服务的恢复和复原。管理机构不建议机构将其主要办公室、主要运营场所或主要数据中心迁出大都市位置,并且理解金融机构出于重要的业务和内部控制原因在金融市场及其总部附近维护处理场所。管理机构还认识到,对一些机构来说,实现稳健实践可能需要多年的努力,没有必要或不宜规定任何特定的技术解决方案,或限制机构以反映其自身风险状况的方式实施稳健实践的灵活性。本文件讨论的稳健实践补充了管理机构各自业务连续性规划的政策和其它指导意见。 The agencies have identified broad industry consensus on three business continuity objectives that have special importance after September 11 for all financial firms. The agencies also have identified sound practices that focus on minimizing the immediate systemic effects of a wide-scale disruption on critical financial markets. The sound practices focus on the appropriate back-up capacity necessary for recovery and resumption of clearance and settlement activities for material open transactions in wholesale financial markets. They do not address the recovery or resumption of trading operations or retail financial services. The agencies are not recommending that firms move their primary offices, primary operating sites, or primary data centers out of metropolitan locations, and understand that there are important business and internal control reasons for financial firms to maintain processing sites near financial markets and their own headquarters. The agencies also recognize that achieving the sound practices could be a multi-year endeavor for some firms and that it is not necessary or appropriate to prescribe any specific technology solution or limit a firm’s flexibility to implement the sound practices in a manner that reflects its own risk profile. The sound practices discussed in this paper supplement the agencies’ respective policies and other guidance on business continuity planning.

后9.11业务连续性目标(Post-September 11 Business Continuity Objectives)

在讨论从911事件吸取的经验教训时,行业参与者和其它人一致认为,3个目标对所有金融机构和美国金融体系都特别重要: 大规模扰断后,迅速恢复并及时复原关键运营; 在至少1个主要运营场所发生人员损失或不可进入后,迅速恢复并及时复原运营;和 通过持续使用和稳健性测试,在关键的内部和外部连续性安排是有效和兼容的方面具有高度的信心。 During discussions about the lessons learned from September 11, industry participants and others agreed that three business continuity objectives have special importance for all financial firms and the U.S. financial system as a whole: Rapid recovery and timely resumption of critical operations following a widescale disruption; Rapid recovery and timely resumption of critical operations following the loss or inaccessibility of staff in at least one major operating location; and A high level of confidence, through ongoing use or robust testing, that critical internal and external continuity arrangements are effective and compatible.

911事件突显了一个事实,即金融体系是一个相互关联的市场和参与者组成的网络。单个参与者的运作能力可以产生超出其直接交易对手的广泛影响。由于美国金融市场的相互依赖性,所有金融机构都在提高金融体系的整体韧性方面发挥着作用。因此,所有金融机构都应当审查其业务连续性计划,并在切实可行的最大范围内纳入这3个广泛的业务连续性目标。为了在后911事件环境带来的一系列新风险与规划大规模扰断所涉及的成本之间取得适当的平衡,金融机构应当将这些新的和持续的风险纳入其对它们独特特征和风险状况的评估中。机构还应当持续改进自911以来制定的短期措施,并在发现差距的情况下制定长期恢复计划。 The events of September 11 underscored the fact that the financial system operates as a network of interrelated markets and participants. The ability of an individual participant to function can have wide-ranging effects beyond its immediate counterparties. Because of the interdependent nature of the U.S. financial markets, all financial firms have a role in improving the overall resilience of the financial system. It therefore is appropriate for all financial firms to review their business continuity plans and incorporate these three broad business continuity objectives to the fullest extent practicable. In striking an appropriate balance between the new set of risks posed in the post-September 11 environment and the costs involved in planning for wide-scale disruptions, financial firms should incorporate these new and continuing risks into their assessment of their unique characteristics and risk profiles. Firms also should continue to improve upon short-term measures that have been instituted since September 11 and develop longer-term business recovery plans where gaps are identified.

定义(Definitions)

美国金融体系在发生“大规模扰断”时的韧性取决于支持“关键金融市场”的“清算和结算活动”的快速“恢复”和“复原”。一些组织,即“核心清算和结算组织”和“在关键金融市场发挥重要作用的机构”,如果它们无法恢复或(在某些情况下)复原支持这些市场的清算或结算法动,就会给美国金融体系带来一种“系统性风险”。这些术语和组织的定义如下。 The resilience of the U.S. financial system in the event of a “wide-scale disruption” rests on the rapid “recovery” and “resumption” of the “clearing and settlement activities” that support “critical financial markets.” Some organizations, namely “core clearing and settlement organizations” and “firms that play a significant role in critical financial markets,” present a type of “systemic risk” to the U.S. financial system should they be unable to recover or, in some instances, resume clearing and settlement activities that support those markets. These terms and organizations are defined below.

大规模扰断 。大规模扰断是指对跨越大都市或其它地理区域以及与之经济融合的邻近社区的交通、电信、电力或其它关键基础设施组件造成严重扰断或破坏的事件;或者扰断源头正常通勤范围内的人们大规模撤离或无法进入的事件。 Wide-Scale Disruption. A wide-scale disruption is an event that causes a severe disruption or destruction of transportation, telecommunications, power, or other critical infrastructure components across a metropolitan or other geographic area and the adjacent communities that are economically integrated with it; or that results in a widescale evacuation or inaccessibility of the population within normal commuting range of the disruption’s origin.

系统性风险 。系统性风险包括转移系统或金融市场中的一方参与者未能履行其规定义务,将导致其它参与者无法履行到期义务,从而造成重大流动性或信贷问题或威胁金融市场稳定的风险。 [1] 鉴于市场之间和参与者之间复杂的相互依赖关系,市场主要参与者的充分准备将减少一家或几家机构突然遭遇扰断导致整个市场流动性错位、偿付能力问题和严重运营效率低下的可能性。 [2] Systemic Risk . Systemic risk includes the risk that the failure of one participant in a transfer system or financial market to meet its required obligations will cause other participants to be unable to meet their obligations when due, causing significant liquidity or credit problems or threatening the stability of financial markets. 1 Given the complex interdependencies of markets and among participants, thorough preparations by key market participants will reduce the potential that a sudden disruption experienced by one or a few firms will cascade into market-wide liquidity dislocations, solvency problems, and severe operational inefficiencies. 2

关键金融市场 。关键金融市场为银行、证券公司和其他金融机构提供了调整其现金和证券头寸以及客户头寸的手段,以管理其组织的流动性、市场和其他风险。关键金融市场还为向美国企业和消费者提供广泛的金融服务提供支持。某些市场,例如联邦基金和政府证券市场,也支持货币政策的实施。就本文而言,“关键金融市场”被定义为以下市场: 联邦基金,外汇和商业票据 美国政府和机构证券 公司债务和股权证券 Critical Financial Markets . Critical financial markets provide the means for banks, securities firms, and other financial institutions to adjust their cash and securities positions and those of their customers in order to manage liquidity, market, and other risks to their organizations. Critical financial markets also provide support for the provision of a wide range of financial services to businesses and consumers in the United States. Certain markets, such as the federal funds and government securities markets, also support the implementation of monetary policy. For purposes of this paper, “critical financial markets” are defined as the markets for: Federal funds, foreign exchange, and commercial paper U.S. Government and agency securities Corporate debt and equity securities

核心清算和结算组织 。核心清算和结算组织由两类组织组成,它们为关键金融市场提供清算和结算服务,或充当大额支付系统运营商,如果无法运转,会带来系统性风险。第一类由市场公用事业公司(政府资助的服务或行业所有的组织)组成,其主要目的是清算和结算关键市场的交易或转移大额批发支付。第二类核心清算和结算组织由那些提供清算和结算服务的私营部门机构组成,这些服务是关键市场不可或缺的一部分(即,它们的总市场份额足够大,如果它们由于没有可行的直接替代而突然无法进行这些活动,就会带来系统性风险)。 Core Clearing and Settlement Organizations . Core clearing and settlement organizations consist of two groups of organizations that provide clearing and settlement services for critical financial markets or act as large-value payment system operators and present systemic risk should they be unable to perform. The first group consists of market utilities (government-sponsored services or industry-owned organizations) whose primary purpose is to clear and settle transactions for critical markets or transfer largevalue wholesale payments. The second group of core clearing and settlement organizations consists of those private-sector firms that provide clearing and settlement services that are integral to a critical market (i.e. their aggregate market share is significant enough to present systemic risk in the event of their sudden failure to carry on those activities because there are no viable immediate substitutes).

在关键金融市场发挥重要作用的机构 。在关键金融市场发挥重要作用的机构是那些(代表自己或客户)在一个或多个关键金融市场中占有足够市场份额的机构,以至于它们未能在工作日结束前结算他们自己或其客户的重大未决交易可能会带来系统性风险。虽然有不同的方法可以衡量这些机构在关键市场中的重要性,但作为指导意见,如果一家机构在特定关键市场中持续清算或结算至少5%的的交易价值,则管理机构认为该机构在关键市场具有重要意义。 Firms that Play Significant Roles in Critical Financial Markets . Firms that play significant roles in critical financial markets are those that participate (on behalf of themselves or their customers) with sufficient market share in one or more critical financial markets such that their failure to settle their own or their customers’ material pending transactions by the end of the business day could present systemic risk. While there are different ways to gauge the significance of such firms in critical markets, as a guideline, the agencies consider a firm significant in a particular critical market if it consistently clears or settles at least five percent of the value of transactions in that critical market.

恢复和复原清算和结算活动 。迅速恢复和复原关键金融市场,以及避免潜在的系统性风险,需要迅速恢复清算和结算活动,以便在预定的结算日完成重大的未决交易。这些清算和结算活动包括: 完成未决大额支付; 清算和结算重大未决交易; [3] 满足确保上述a)和b)项履行所需的重要日终资金和抵押义务; 在适当和必要的情况下管理重大未平仓机构和客户风险头寸,以确保上述a)至c)项的履行; 沟通机构和客户的头寸,核对当天的记录,并在必要时保护机构和客户资产,以确保上述项目a)至d)项的履行; 执行为履行上述关键活动不可或缺的所有支持和相关职能。 Recovery and Resumption of Clearing and Settlement Activities . The rapid recovery and resumption of critical financial markets, and the avoidance of potential systemic risk, requires the rapid recovery of clearing and settlement activities for the purpose of completing material pending transactions on their scheduled settlement dates. These clearing and settlement activities include Completing pending large-value payments; Clearing and settling material pending transactions; 3 Meeting material end-of-day funding and collateral obligations necessary to ensure the performance of items a) and b) above; Managing material open firm and customer risk positions, as appropriate and necessary to ensure the performance of items a) through c) above; Communicating firm and customer positions and reconciling the day’s records, and safeguarding firm and customer assets as necessary to ensure the performance of items a) through d) above; and Carrying out all support and related functions that are integral to performing the above critical activities.

就本文件而言,术语“恢复(名词)”(或“恢复(动词)”)是指在大规模扰断后还原清算和结算活动; [4] “复原(名词)”(或“复原(动词)”)是指在大规模扰断后接受和处理新交易和支付的能力。 For purposes of this paper, the terms recovery (or recover) refers to the restoration of clearing and settlement activities after a wide-scale disruption; 4 resumption (or resume) refers to the capacity to accept and process new transactions and payments after a widescale disruption.

稳健实践(Sound Practices)

管理机构为在关键金融市场发挥重要作用的核心清算和结算组织和机构确定了4大稳健实践。这些稳健实践基于业务连续性规划的长期原则,其中有确定关键活动,进行业务影响分析,以及制定、实施和测试计划。采用稳健实践将有助于保护金融体系免受大规模扰断的风险,并减少主要市场参与者对一个或多个关键市场构成系统性风险的可能性,因为主要和备用处理设施和工作人员位于同一地理区域。 The agencies have identified four broad sound practices for core clearing and settlement organizations and firms that play significant roles in critical financial markets. The sound practices are based on long-standing principles of business continuity planning in which critical activities are identified, a business impact analysis is conducted, and plans are developed, implemented, and tested. Adoption of the sound practices will help protect the financial system from the risks of a wide-scale disruption and reduce the potential that key market participants will present systemic risk to one or more critical markets because primary and back-up processing facilities and staffs are located within the same geographic region.

1.确定支持关键金融市场的清算和结算活动 。组织应当确定其作为核心清算和结算组织或发挥重要作用的每个关键金融市场中的所有清算和结算活动。这种评估应当包括确定支持这些市场中清算和结算活动或与这些市场中的清算和结算活动履行有整体关联的活动或系统。

  1. Identify clearing and settlement activities in support of critical financial markets. An organization should identify all clearing and settlement activities in each critical financial market in which it is a core clearing and settlement organization or plays a significant role. This assessment should include identification of activities or systems that support or are integrally related to the performance of clearing and settlement activities in those markets.

2.为支持关键市场的结算和清算活动确定适当的恢复和复原目标 。就稳健实践而言,恢复时间目标是机构在大规划扰断后恢复结算和清算活动的时间,其总体目标是在预定的结算日完成重大未决交易。在关键金融市场中,清算和结算活动的恢复时间目标应当相对一致。这促进了恢复计划的兼容性,并有助于确保在关键金融市场发挥重要作用的核心清算和结算组织与机构能够在大规模扰断时参与金融体系。恢复时间目标提供了要计划和测试的具体目标。不应把它们视为是在每一个突发事件情况下都必须遵守的硬性规定。事实上,管理机构认识到,围绕扰断的各种外部因素,如一天中的时间,扰断的范围和关键基础设施(尤其是电信)的状态,都会影响实际的恢复时间。 [5] 此外,在不延长正常工作时间,晚些时候的扰断后可能不会实现恢复时间目标。 2. Determine appropriate recovery and resumption objectives for clearing and settlement activities in support of critical markets . For purposes of the sound practices, a recovery-time objective is the amount of time in which a firm aims to recover clearing and settlement activities after a wide-scale disruption with the overall goal of completing material pending transactions on the scheduled settlement date. Recovery time objectives for clearing and settlement activities should be relatively consistent across critical financial markets. This promotes the compatibility of recovery plans and helps ensure that core clearing and settlement organizations and firms that play significant roles in critical financial markets will be able to participate in the financial system in times of wide-scale disruptions. Recovery-time objectives provide concrete goals to plan for and test against. They should not be regarded as hard and fast deadlines that must be met in every emergency situation. Indeed, the agencies recognize that various external factors surrounding a disruption such as time of day, scope of disruption, and status of critical infrastructure — particularly telecommunications — can affect actual recovery times. 5 Furthermore, recovery time objectives might not be achievable following a late-day disruption without an extension of normal business hours.

市场参与者一致认为,与在关键金融市场发挥重要作用的机构相比,核心清算和结算组织必须达到更积极的恢复时间目标。这是因为核心清算和结算组织对于完成关键市场中的大多数交易是必不可少的;因此,它们必须恢复和复原其关键功能,以便其它市场参与者处理未决交易并完成大额支付。同样可以合理地假设,在不受特定扰断影响的地区,将有发挥重要作用的机构和其它市场参与者需要清算和结算关键市场中的未决交易。因此,核心清算和结算组织应当计划和恢复其处理以及支持关键市场的其他活动。鉴于每天清算和结算的交易/支付量和金额巨大,不能在工作日内完成未决交易的清算和结算可能会造成系统性的流动性错位,并加剧关键市场的信用和市场风险。因此,核心清算和结算组织应当发展能力,在发生扰断的工作日内恢复和复原清算和结算活动,总体目标是在事件发生后2小时内实现恢复和复原。 [6] 核心清算和结算组织还应当制定计划,在扰断期间和参与者进行沟通,以帮助它们的快速恢复。 Market participants agree that core clearing and settlement organizations must meet more aggressive recovery-time objectives than firms that play significant roles in critical financial markets. This is because core clearing and settlement organizations are necessary to the completion of most transactions in critical markets; accordingly, they must recover and resume their critical functions in order for other market participants to process pending transactions and complete large-value payments. It also is reasonable to assume that there will be firms that play significant roles and other market participants in locations not affected by a particular disruption that will need to clear and settle pending transactions in critical markets. Therefore, core clearing and settlement organizations should plan both to recover and resume their processing and other activities that support critical markets. In light of the large volume and value of transactions/payments that are cleared and settled on a daily basis, failure to complete the clearing and settlement of pending transactions within the business day could create systemic liquidity dislocations, as well as exacerbate credit and market risk for critical markets. Therefore, core clearing and settlement organizations should develop the capacity to recover and resume clearing and settlement activities within the business day on which the disruption occurs with the overall goal of achieving recovery and resumption within two hours after an event. 6 Core clearing and settlement organizations also should develop plans for communicating with participants during a disruption to facilitate their rapid recovery.

在关键金融市场发挥重要作用的机构恢复清算和结算活动的能力取决于这些市场的核心清算和结算组织恢复的时间。出于规划目的,机构应当假设核心清算和结算组织将在扰断的工作日内恢复和复原清算和结算活动。因此,在关键金融市场发挥重要作用的机构应当计划在核心清算和结算组织恢复和复原其运营后,在发生扰断的工作日内尽快恢复这些市场的清算和结算活动。在一些市场,例如批发支付,银行业长期以来一直有4小时的恢复基准,批发支付市场的最大参与者已经积极讨论这些组织需要2小时恢复标准。在其它关键金融市场发挥重要作用的机构应当努力实现清算和结算活动的4小时恢复时间能力,以确保它们能够在工作日内实现恢复目标。 [7] The ability of firms that play significant roles in critical financial markets to recover clearing and settlement activities depends on the timing of the recovery of core clearing and settlement organizations for those markets. For planning purposes, firms should assume that core clearing and settlement organizations will recover and resume clearance and settlement activities within the business day of the disruption. Accordingly, firms that play significant roles in critical financial markets should plan to recover clearing and settlement activities for those markets as soon as possible after the core clearing and settlement organizations have recovered and resumed their operations and within the business day on which a disruption occurs. In some markets, such as wholesale payments, the banking industry has had long-established recovery benchmarks of four hours and the largest participants in the wholesale payments market have actively discussed the need for a two-hour recovery standard by such organizations. Firms that play significant roles in the other critical financial markets should strive to achieve a four-hour recovery time capability for clearing and settlement activities in order to ensure that they will be able to meet a within the business day recovery target. 7

3.保持足够地理分散的资源,以实现恢复和复原目标 。在大规模扰断期间,要在目标时间内恢复清算和结算活动,通常需要在后台运营和数据中心的主要场所和备用场所之间具有适当程度的地理多样性。管理机构认为没有必要或不宜规定地理分散的备用场所的具体里程要求。对机构来说,在考虑各种方法以建立后备安排时保持灵活性是很重要的,这些安排在机构的特定风险状况下可能是有效的。然而,业务连续性规划的长期原则表明,后备安排应当尽可能远离主场所,以避免遭受与主场所相同风险的影响。备用场所不应依赖与主场所相同的基础设施组件(例如,交通、电信、供水和电力)。此外,这些场所的运营不应因在主场所大规模撤离或服务主场所的工作人员无法进入而受到损害。应当通过测试确认后备安排在从大规模扰断中恢复方面的有效性。 3. Maintain sufficient geographically dispersed resources to meet recovery and resumption objectives . Recovery of clearing and settlement activities within target times during a wide-scale disruption generally requires an appropriate level of geographic diversity between primary and back-up sites for back-office operations and data centers. The agencies do not believe it is necessary or appropriate to prescribe specific mileage requirements for geographically dispersed back-up sites. It is important for firms to retain flexibility in considering various approaches to establishing back-up arrangements that could be effective given a firm’s particular risk profile. However, long-standing principles of business continuity planning suggest that back-up arrangements should be as far away from the primary site as necessary to avoid being subject to the same set of risks as the primary location. Back-up sites should not rely on the same infrastructure components (e.g., transportation, telecommunications, water supply, and electric power) used by the primary site. Moreover, the operation of such sites should not be impaired by a wide-scale evacuation at or the inaccessibility of staff that service the primary site. The effectiveness of back-up arrangements in recovering from a wide-scale disruption should be confirmed through testing.

核心清算和结算组织负有开发资源的最高责任,以便在工作日内恢复和复原清算和结算活动。因此,这些组织应当在远离其主场所足够远的地方建立备份设施。使用同步备份设施或其备用场所主要依赖与主场所相同的劳动力库的核心清算和结算组织应当解决解决大规模扰断可能影响其中一个或两个场所及其劳动力库的风险。这些组织应当建立更远的后备安排,以便在发生扰断的工作日内恢复和复原关键运营。 Core clearing and settlement organizations have the highest responsibility to develop resources that permit the recovery and resumption of clearing and settlement activities within the business day. Accordingly, these organizations should establish back-up facilities a significant distance away from their primary sites. Core clearing and settlement organizations that use synchronous back-up facilities or whose back-up sites depend primarily on the same labor pool as the primary site should address the risk that a wide-scale disruption could impact either or both of the sites and their labor pool. Such organizations should establish even more distant back-up arrangements that can recover and resume critical operations within the business day on which the disruption occurs.

在关键金融市场发挥重要作用的机构应当保持足够地理分散的资源,包括工作人员、设备和数据,以便在发生扰断的工作日内恢复清算和结算活动。机构可以考虑确保从大规模扰断中快速恢复的各种方法的成本和效益。 [8] 然而,如果备用场所主要依赖主场所的工作人员,那么必须确定如果扰断导致主场所的工作人员损失或不可进入,如何满足备用场所的人员需求。此外,使用同步备份设施或其备用场所主要依赖与主场所相同的劳动力库的机构应当解决大规模扰断可能影响其中一个或两个场所及其劳动力池的风险。作为其持续规划过程的一部分,拥有此类后备安排的机构应当努力开发更远的数据备份和运营资源,以证明足以在扰断发生的工作日内恢复清算和结算活动。业务连续性规划过程应当考虑到支持后备安排的技术和业务流程的改进,以及在发生大规模扰断时确保更大韧性的需要。机构可能采取的临时步骤应当与建立更远距离的后备安排的目标相一致。管理机构预计,随着支持后备安排的技术和业务流程不断改进,成本效益越来越高,机构将利用这些发展来增加其备用场所的地理多样性。 Firms that play significant roles in critical financial markets should maintain sufficient geographically dispersed resources, including staff, equipment and data to recover clearing and settlement activities within the business day on which a disruption occurs. Firms may consider the costs and benefits of a variety of approaches that ensure rapid recovery from a wide-scale disruption. 8 However, if a back-up site relies largely on staff from the primary site, it is critical for the firm to determine how staffing needs at the back-up site would be met if a disruption results in loss or inaccessibility of staff at the primary site. Moreover, firms that use synchronous back-up facilities or whose back-up sites depend primarily on the same labor pool as the primary site should address the risk that a wide-scale disruption could impact either or both of the sites and their labor pools. As part of their ongoing planning process, firms with such back-up arrangements should strive to develop even more distant data back-up and operational resources that prove sufficient to recover clearing and settlement activities within the business day on which the disruption occurs. The business continuity planning process should take into consideration improvements in technology and business processes supporting back-up arrangements and the need to ensure greater resilience in the event of a wide-scale disruption. Interim steps a firm may take should be compatible with the objective of establishing even more distant back-up arrangements. The agencies expect that, as technology and business processes supporting back-up arrangements continue to improve and become increasingly cost effective, firms will take advantage of these developments to increase the geographic diversification of their back-up sites.

4.日常使用或测试恢复和复原安排 。从911吸取的教训之一是,应当扩大对业务恢复安排的测试。对于机构来说,使用市场、核心清算和结算组织以及第三方服务提供商的主要和备份设施来测试备份设施,以确保数据传输的连接性、容量和完整性至关重要。(视情况)测试与交易对手和客户的后备安排也很重要。这种测试确保了恢复目标的实现,以及工作人员和必要的外部各方充分了解情况。 4. Routinely use or test recovery and resumption arrangements . One of the lessons learned from September 11 is that testing of business recovery arrangements should be expanded. It is critical for firms to test back-up facilities with the primary and back-up facilities of markets, core clearing and settlement organizations, and third-party service providers to ensure connectivity, capacity, and the integrity of data transmission. It also is important to test back-up arrangements with major counterparties and customers, as appropriate. Such testing ensures that recovery objectives are achievable and that staff and necessary external parties are sufficiently informed.

核心清算和结算组织应当在其所有备用场所定期测试恢复和复原计划。测试情景应当包括影响关键人员可用性的大规模扰断;证明有能力在工作日内恢复和复原;以及以2小时恢复时间为目标。核心清算和结算组织应当要求参与者测试其主要和备用场所与核心清算和结算组织场所之间的连通性。它们可能还希望考虑组织更广泛的行业压力测试,以确保恢复系统在关键市场参与者中始终如一地稳健。 Core clearing and settlement organizations should periodically test recovery and resumption plans at all of their back-up sites. Test scenarios should include wide-scale disruptions that affect the accessibility of key staff; demonstrate the ability to recover and resume within the business day; and aim for a two-hour recovery time. Core clearing and settlement organizations should require participants to test connectivity between their primary and back-up sites and those of the core clearing and settlement organizations. They also may wish to consider organizing a broader industry stress test to ensure that recovery systems are consistently robust across critical market participants.

在关键金融市场发挥重要作用的机构应当日常使用或测试其各自内部恢复和复原安排的连通性、功能性和交易量容量。在同步备份技术的当前范围内建立备用场所或主要依赖主场所工作人员的机构应当确认,如果大规模扰断影响到两个场所,其计划是有效的。也鼓励机构利用市场、核心清算和结算组织以及第三方服务提供商提供的测试机会,确保数据传输的连通性、容量和完整性。鼓励机构继续与其核心清算和结算组织以及行业协会合作,设计和安排适当的行业测试,以确保单个恢复和复原策略在关键市场中的兼容性。 Firms that play significant roles in critical financial markets should routinely use or test their individual internal recovery and resumption arrangements for connectivity, functionality, and volume capacity. Firms that establish back-up sites within the current perimeter of synchronous back-up technology or that rely primarily on staff at the primary site should confirm that their plans would be effective if a wide-scale disaster affects both sites. Firms also are encouraged to take advantage of testing opportunities offered by markets, core clearing and settlement organizations and third-party service providers to ensure connectivity, capacity and the integrity of data transmission. Firms are encouraged to continue to work cooperatively with their core clearing and settlement organizations and trade associations to design and schedule appropriate industry tests to ensure the compatibility of individual recovery and resumption strategies across critical markets.

实施稳健实践(Implementation of Sound Practices)

成本效益考虑 。管理机构认识到具有成本效益的业务连续性规划的重要性。与实施稳健实践相关的成本可能会有很大差异,具体取决于需要在多大程度上进行增量改进以应对大规模扰断的风险。一些在关键市场发挥重要作用的机构可能会发现,他们只需要对其后备安排进行相对较小的改进即可。其他机构可能会发现有必要采用更强大的技术或升级软件应用程序,以实现稳健实践确定的恢复目标。为了降低这些改进的成本,机构可能希望将它们纳入战略规划过程(例如,与设施、信息系统组件和架构以及业务流程的规划改进相协调)。 Cost-Benefit Considerations . The agencies recognize the importance of cost effective business continuity planning. The costs associated with implementing the sound practices can vary substantially depending on the extent to which incremental improvements may be needed to address the risks of a wide-scale disruption. Some firms that play significant roles in critical markets may find that they need to implement only relatively minor improvements to their back-up arrangements. Other firms may find it necessary to adopt a more robust technology or upgrade software applications in order to achieve recovery objectives identified by the sound practices. To mitigate the costs of these enhancements, firms may wish to integrate them into the strategic planning process (e.g., coordinate with planned enhancements to facilities, information system components and architecture, and business processes).

机构应当认识到,采用稳健实践将有助于向交易对手和客户保证,他们可以迅速恢复在关键市场清算和结算交易的能力。同样,参与金融体系的机构将获得更大的保证,即关键的市场参与者将能够承受大规模扰断并履行其支付和结算义务,从而最大程度地减少级联故障和由此产生系统性风险的可能性。机构报告说,市场力量清楚地认识到金融体系的相互依赖性,客户和交易对手越来越期望机构证明,如果发生大规模扰断,他们有能力继续运营。 Firms should recognize that adoption of the sound practices will help to reassure their counterparties and customers that they can rapidly regain their ability to clear and settle transactions in critical markets. Similarly, firms participating in the financial system would enjoy greater assurance that critical market participants will be able to withstand a wide-scale disruption and meet their payment and settlement obligations, thereby minimizing the potential for cascading fails and resulting systemic risk. Firms report that market forces clearly recognize the interdependent nature of the financial system, and customers and counterparties increasingly expect firms to demonstrate their ability to continue operations should a wide-scale disruption occur.

核心清算和结算组织的实施 。核心清算和结算组织应当继续加紧努力,制定、批准和实施计划,以便在2004年底前实质性地实现稳健实践。计划应当提供比远超出当前同步范围的后备设施,以满足工作日内的恢复目标。根据具体情况,核心清算和结算组织可以有更多的时间,以完成远超出目前同步范围的后备设施的实施,只要它们采取具体的近期措施,在2004年底前实质性地改进韧性。灵活性的程度将根据董事会和高级管理层对批准预算的承诺以及遵守积极的时间表和中期里程碑等因素来衡量。计划应当包括可衡量的里程碑,以评估在实施稳健实践方面的进展情况。 Implementation by core clearing and settlement organizations . Core clearing and settlement organizations should continue their accelerated efforts to develop, approve, and implement plans that substantially achieve the sound practices by the end of 2004. Plans should provide for back-up facilities that are well outside of the current synchronous range that can meet within-the-business-day recovery targets. On a case-by-case basis, core clearing and settlement organizations can be given additional time to complete implementation of back-up facilities that are well outside the current synchronous range, so long as they take concrete, near-term steps that result in substantially improved resilience by the end of 2004. The amount of flexibility will be measured against factors such as board of directors and senior management’s commitment to approved budgets, and adherence to aggressive timetables and interim milestones. Plans should include measurable milestones to assess progress in achieving the sound practices.

在关键市场中发挥重要作用的机构的实施。 在关键金融市场发挥重要作用的机构应当制定、批准和实施计划,要求在切实可行的情况下尽快实施稳健实践,但一般在本文件发布后3年内。 [9] 在某些情况下,机构可能会发现有必要根据其各自的风险状况,韧性水平和独特的业务情况提供更长的实施期。所有计划都应当包括可以衡量进展情况的中期里程碑,并应持续考虑实现后备设施更大地域多样化的成本和效益。 Implementation by firms that play significant roles in critical markets. Firms that play significant roles in critical financial markets should develop, approve and implement plans that call for substantial achievement of the sound practices as soon as practicable, but generally within three years of publication of this paper. 9 In some cases, a firm may find it in necessary to provide for a longer implementation period in light of its respective risk profile, level of resilience, and unique business circumstances. All plans should incorporate interim milestones against which progress can be measured and should provide for ongoing consideration of the costs and benefits of achieving greater geographic diversification of back-up facilities.

高级管理层和董事会的角色 。管理机构认为,行业参与者也确认, 将本文件中讨论的后911的业务连续性目标和稳健实践纳入,会引发许多短期和长期战略问题,需要最高管理层的持续领导和参与。这些问题必须根据机构对其它市场参与者的依赖关系以及机构之间实现一致韧性水平的需要来考虑。董事会应当审查业务连续性战略,以确保计划与机构的整体业务目标、风险管理战略和财务资源保持一致。有关整体业务连续性目标的决策不应留给各个业务部门自行决定。 Role of Senior Management and Boards of Directors . The agencies believe, and industry participants confirm, that incorporation of the post-September 11 business continuity objectives and sound practices discussed in this paper raises numerous short and long-term strategic issues that require continuing leadership and involvement by the most senior levels of management. These issues must be considered in light of a firm’s dependencies on other market participants and the need to achieve a consistent level of resilience across firms. Boards of directors should review business continuity strategies to ensure that plans are consistent with the firm’s overall business objectives, risk management strategies, and financial resources. Decisions about overall business continuity objectives should not be left to the discretion of individual business units.

结论(Conclusion)

911之后,金融业参与者开始对经验教训进行重大审查,以加强其业务连续性计划。管理机构认为,金融机构必须提高其恢复能力,以应对后911环境对美国金融体系造成的持续严重风险。金融业参与者表现出了对确保美国金融体系持续生存的坚定承诺,他们加强了自己的业务连续性计划,以应对大规模扰断的风险。在过去的一年里,业务恢复计划在短期和长期都有了重大改进。金融业参与者认识到,高级管理层的持续参与对于实现本文所讨论的稳健实践的重要性。机构还参与了旨在改善私营部门协调的行业倡议,确保业务恢复计划相互兼容,并在同行中实现适当水平的稳健性。 After September 11, financial industry participants initiated a significant review of lessons learned with a view towards strengthening their business continuity plans. The agencies believe that it is important for financial firms to improve recovery capabilities to address the continuing, serious risks to the U.S. financial system posed by the post September 11 environment. Financial industry participants have demonstrated a keen commitment to ensuring the continued viability of the U.S. financial system by strengthening their own business continuity plans to address the risk of a wide-scale disruption. Over the past year, significant short- and longer-term improvements have been made to business recovery plans. Financial industry participants recognize the importance of continuing senior management involvement in achieving the sound practices discussed in this paper. Firms also are participating in industry initiatives aimed at improving private-sector coordination and ensuring that business recovery plans are compatible and that an appropriate level of robustness is achieved among peers.

管理机构认识到,对一些组织来说,实现稳健实践可能需要多年的努力,没有必要或不宜规定任何特定的技术解决方案来实施稳健实践。管理机构敦促所有金融体系参与者继续长期努力,确保关键的美国金融市场具有适当稳健的恢复能力,并能够通过在可行范围内最大程度地采用稳健实践来应对大规模的扰断。最后,管理机构鼓励那些不被视为核心清算和结算组织或在关键市场发挥重要作用的金融机构审查并考虑实施稳健实践,特别是如果机构的交易水平接近被视为重要的交易水平时。 2003年4月7日 The agencies recognize that achievement of the sound practices could be a multiyear endeavor for some organizations and that it is not necessary or appropriate to prescribe any specific technology solution for implementing the sound practices. The agencies urge all financial system participants to continue efforts over the long term to ensure that critical U.S. financial markets have appropriately robust recovery capabilities and can respond to a wide-scale disruption by adopting the sound practices to the fullest extent practicable. Finally, the agencies encourage financial firms that are not deemed to be a core clearing and settlement organization or a firm that plays a significant role in critical markets to review and consider implementation of the sound practices, particularly if a firm’s transactions levels approach those deemed to be significant. April 7, 2003

本文中术语“系统性风险”的使用基于国际清算银行支付和结算系统委员会“支付和结算系统术语表”(2001)中所载的支付和结算系统中系统性风险的国际定义。The use of the term “systemic risk” in this paper is based on the international definition of systemic risk in payments and settlement systems contained in “A glossary of terms in payment and settlement systems,”Committee on Payment and Settlement Systems, Bank for International Settlements (2001). ↑ 在不利的市场条件或对机构的信贷担忧的情况下,流动性错位会比911事件后立即经历的更严重加剧。Under adverse market conditions or in the event of credit concerns about institutions, liquidity dislocations of the type experienced immediately after September 11 could be seriously compounded. ↑ 政府证券交易包括买卖美国政府的短期债券、中期债券、长期债券和机构证券(包括政府赞助企业发行的抵押支持证券),以及涉及美国政府和机构证券的回购、反向回购协议和第三方回购协议。Transactions in government securities include the purchase and sale of U.S. government bills, notes, bonds and agency securities (including mortgage-backed securities issued by Government Sponsored Enterprises), as well as repurchase and reverse repurchase agreements and triparty repurchase agreements involving U.S. government and agency securities. ↑ 业务恢复计划的目标是恢复特定的活动或职能,而不是恢复一个不能运转的设施或系统。The goal of business recovery plans is the recovery of a particular activity or function and not the recovery of a disabled facility or system. ↑ 一些机构对电信和其他关键基础设施的韧性以及当前对单个机构从这些运营商获得可验证的冗余服务的能力的限制表示担忧。建立地理分散的设施的机构可以在其电信和其他基础设施服务中实现更多的多样性,这将为确保恢复关键运营提供额外的韧性。一些金融机构正在赞助全行业的努力,以探索共同的基础设施问题和方法。A number of firms have expressed concerns about the resilience of telecommunications and other critical infrastructure, and the current limitations on an individual firm’s ability to obtain verifiable redundancy of service from such carriers. Firms that establish geographically dispersed facilities can achieve additional diversity in their telecommunications and other infrastructure services, which will provide additional resilience in ensuring recovery of critical operations. A number of financial firms are sponsoring industrywide efforts to explore common infrastructure issues and approaches. ↑ 这包括恢复通常由核心清算和结算组织以及重要机构在扰断当天的特定市场营业时间内执行的清算和结算活动。这些活动包括输入重大交易数据或支付指令,以及执行所有必要的步骤,以在常规起息日或结算日清算和完成重大交易。This includes recovery of clearance and settlement activities that would normally be performed by core clearing and settlement organizations and significant firms within a particular market’s business hours on the day of the disruption. These activities include inputting material transaction data or payment instructions, and performing all steps necessary to clear and complete material transactions on their regular value or settlement dates. ↑ 随着市场以及清算和结算系统朝着更长的营业时间发展,延长处理时间的灵活性可能会降低。这突显了在工作日的正常处理期内尽可能充分地实现恢复时间目标的重要性。它还强调了确保在营业时间延长到午夜之后能够执行内部流程的重要性。As markets and clearance and settlement systems move toward longer operating hours, there may be less flexibility to extend processing hours. This underscores the importance of achieving recovery time objectives within the business day’s normal processing periods to the fullest extent possible. It also underscores the importance of ensuring that internal processes can be performed in the event that business hours are extended beyond midnight. ↑ 这种安排的例子包括维持一个完全可操作的地理分散的数据和运营备份设施,以及利用外包设施,将设备、软件和数据储存起来供工作人员激活。机构正在以各种方式解决关键的人员配备问题,如交叉培训、利用未充分使用的系统的员工来分担或转移工作量,将员工轮换到异地,以及建立工作轮班等。一些机构使用外包的备份解决方案来恢复清算和结算活动以及数据存储。然而,许多评论者对恢复设施数量少、缺乏地理多样性以及在大规模扰断期间确保设施可用性的成本表示担忧。使用外包备份解决方案的机构应当考虑在大规模扰断期间可能影响进入这些设施的任何高风险。Examples of such arrangements range from maintaining a fully operational geographically dispersed back-up facility for data and operations to utilizing outsourced facilities in which equipment, software, and data are stored for staff to activate. Firms are addressing critical staffing issues in various ways, such as cross training, utilizing staff at underused systems to share or shift loads, rotating employees off-site, and establishing work shifts. A number of firms use outsourced back-up solutions for recovering clearing and settlement activities and data storage. However, numerous commenters expressed concern about the small number of recovery facilities, their lack of geographic diversity and the cost of ensuring availability of facilities during a wide-scale disruption. Firms that use outsourced back-up solutions should take into consideration any heightened risks that could affect access to those facilities during a wide-scale disruption. ↑ 管理机构将与每个看来达到市场份额阈值的机构联系,如果得出结论认为该机构在一个或多个关键市场发挥重要作用,将审查该机构实施稳健实践的计划。管理机构还将监督这些计划的实施。The agencies will contact each firm that appears to meet the market share thresholds and, if they conclude that the firm plays a significant role in one or more critical markets, will review the firm’s plans for implementing the sound practices. The agencies also will monitor implementation of those plans. ↑

本公众号(ID:bcmplus)专注于业务连续性和运营韧性知识的普及和传播,关注业务连续性、应急和危机管理的朋友请关注本公众号。

由于公众号注册时腾讯已调整政策,未能开通留言功能,希望交流和讨论业务连续性和运营韧性问题、或获取相关资料的朋友,可长按以下二维码加入知识星球参与讨论(另,公众号每月只能发4次文章,会有一些内容直接在知识星球分享而不在公众号发布)。

原文发表于公众号”业务连续性+” | 原文链接