1.The objective of Business Continuity Management Policy of the Bank is to ensure continuity of critical Banking Business operations and IT operations that are necessary for conducting Banking Business during disaster and minimize the disruption of critical operations to near zero level by putting in place a robust and resilient business continuity strategy and framework while meeting Regulatory and compliance requirements.
2.UCBs need to adopt industry leading best practices in establishing a set of operating principles which govern how risks of a significant business disruption are mitigated to protect the Banks customers, employees and stakeholders.
3.UCBs need to have a robust and well defined business continuity program which comprises of policies and procedures with clearly defined roles, responsibilities and ownership for Crisis Management, Emergency Response, Business recovery and IT Disaster Recovery Planning.
4.Regular drills and tests are to be conducted to cover all aspects of the Business Continuity Plan. Plans are to be reviewed and maintained regularly to incorporate any changes to environment, people, process and technology.
5.The Bank’s Business continuity program is developed with a view to manage the impact of significant disruptions and should endeavour to resume business and operations to an acceptable level within a reasonable time in the event of a disaster.
6.While the recovery time objectives (RTO) have to be defined and documented in the plans, various external factors beyond control of UCBs could affect the actual recovery time. The Banks business continuity plan should be in line with the guidelines issued by regulatory bodies and is subject to regular internal, external and regulatory reviews.