The financial services industry faces threats from a wide variety of sources, and many organizations feel that the number and severity of risks is only growing. According to a 2015 Systemic Risk Barometer survey, 45 percent of respondents said the probability of a high-impact event across the financial system had increased over the previous 12 months.
Of course, your organization cannot mitigate every potential disaster. However, you can do your best to be prepared for each possibility. Simulated disaster scenarios help your employees, partners and other stakeholders to understand their roles in an emergency and feel more comfortable executing your disaster recovery plan when an incident does occur.
Here, we count down four mock disaster scenarios that are useful for the financial services industry:
1. Cyber breach.
One of the leading threats to the financial services industry is some sort of cyber attack. In fact, a 2014 report found that more than 500 million financial records had been hacked over the previous year—proof that banks, mutual funds and other institutions are a popular target for cyber criminals.
Many cyber breaches take the form of distributed denial of service (DDoS) attacks or spoofing or phishing attacks. These are highly damaging threats that your organization should be prepared for—especially as they become increasingly common.
A cyber breach can be a particularly useful mock disaster because its response requires many different departments, such as IT, communications, public relations, customer service and others. Since these attacks have such wide-ranging impacts on a financial services provider, they provide a well-rounded “all-hands-on-deck” opportunity to test your stakeholders’ disaster preparedness.
2. Reputation crisis.
Reputation management is particularly important for financial services providers, many of whom face a continually changing tide of public opinion. Your organization should be well prepared to handle a reputation crisis, which may originate from a social media gaffe, an executive scandal, an industry-wide news event or any number of other possibilities.
Ensure that your stakeholders are prepared for a reputation crisis by running them through a simulated emergency. Have all relevant employees move through the appropriate response, which may include issuing statements to the media, sending out press releases, taking customer service calls and other actions. This will help you to ensure that emergency communications—such as press releases and social media posts—are fully prepared ahead of time and that each employee knows how to quickly and confidently respond to the situation.
3. Geopolitical instability.
In another Systemic Risk Barometer study, respondents identified geopolitical risk as one of the leading threats to the financial industry. For multi-national organizations, geopolitical instability can be particularly worrisome. However, even U.S.-based companies can be greatly impacted by geopolitical events throughout the country and the world.
This is another mock disaster that involves many different stakeholders that may be in separate departments, offices or even countries. Consider running a training scenario that challenges stakeholders to cope with sudden extreme market turmoil, such as what happened following this year’s Brexit vote. Apply “lessons learned” from that real-life event to ensure that your organization would handle a similar crisis smoothly, and then put stakeholders to the test.
4. Severe weather emergency.
While weather emergencies typically rank a bit lower on the scale of financial services threats, they are nonetheless capable of severely disrupting your organization. Ensure that your stakeholders are prepared for a weather emergency by running a mock hurricane, flooding or tornado scenario.
This drill will put each of your stakeholders to the test, because such an emergency affects every department and every level of the organization. And while severe weather may seem like a distant possibility, remember that these types of crises have the potential to inflict incredible damage to your facility—and may even threaten lives. That’s why it is vital to ensure that every stakeholder knows what to do when this type of emergency hits.
Preparing for emergencies goes far beyond planning. You must also make sure that your employees understand what to do in a crisis and are comfortable with executing their roles. By holding regular training sessions and staging mock disaster scenarios, you will ensure that each stakeholder feels at least somewhat prepared for the next crisis, no matter when it hits.