We have built a Business Continuity Program to ensure that our plans address the following interruption scenarios:
- Loss of primary workspace
- Loss of applications, networks and datacenters
- Loss of a key vendor and loss of up to 50% of personnel (pandemic)
We’re dedicated to helping you meet your banking requirements, and have business continuity plans in place to support that commitment in any environment. Our Business Continuity Manager works with each business unit to develop effective, risk-appropriate solutions so that we can quickly resume critical business functions and minimize financial risk.
Governance and oversight
We have both internal and external oversight of our Business Continuity Program.
- The Risk Management Committee of the Board of Directors monitors the effectiveness of our recovery capabilities and reviews material program changes.
- In addition, our Business Continuity Steering Committee reviews program initiatives and proposed enhancements on a regular basis.
- Our entities are regulated and audited regularly by the following external auditors and regulatory bodies:
- SVB Private Internal Audit
- KPMG
- Federal Reserve Bank of Boston
- Securities and Exchange Commission
- Commonwealth of Massachusetts Division of Banks
Incident Management
A formal Incident Management Program is in place at SVB Private. This program facilitates the assessment of possible business continuity events and their potential impacts to business operations and our clients. It provides for specialized teams across the business to manage disruptive events.
Continuity planning
We require each business unit to maintain a continuity plan that adheres to Program standards and guidelines.
- Each year we perform a Business Impact Analysis to determine the criticality and recovery time objectives of our operations.
- As part of our analysis, we identify and implement recovery solutions for facility, workforce, technology and dependency loss scenarios.
- Management oversight and annual approval is required for all continuity plans.
Each critical process is exercised twice annually. Test results and after action items are recorded.
Recovery testing
We test our continuity plans to confirm their effectiveness in recovering business operations following a disruption.
- For each loss scenario, business units must test the sufficiency of their recovery solutions in accordance with corporate standards.
The success of this process is based on recovering functions and technology within the timeframe established by the business units.