Anna

Expert Compliance Assistant

Hi, I'm Anna!

RegTechPRO's expert compliance assistant. Ask me about FCA regulations, compliance requirements, or workload management.

Compliance Hub
·
0%
Initialising handshake...
Company Logo Company Logo
Compliance Hub Firm Compliance People Compliance Risk Management Monitoring Plan Horizon Scanning Document Library MI Dashboard Policy Studio Application Tracker Operational Resilience Consumer Duty Media Hub
My Account

Operational Resilience & BCP

Business Continuity Planning • FCA SYSC 15A Compliance • Disaster Recovery

2026 (Current)
2025
Click to expand ↗
—
Resilience Health
Points-based across sections & checklist
0 Complete
0 Partial
0 Incomplete
BCP Completeness
0%
0 of 0 points earned
Important Business Services
0
All mapped with impact tolerances
Critical Business Functions
0
of 0 functions rated Critical
Open Actions
0
No open actions
Scoring Breakdown
Sections (0/34 pts) + Checklist (0/50 pts) = 0/84
0
Completed
0
In Progress
0
Not Started
Section Status
0 of 17 started
Click to expand ↗
BCP Testing
On Track
—
Last Tested
—
Next Due
Stress tests passed 0%
Click to view test schedule
Click to expand ↗
Crisis Management Team
Not Started
0
Members
0
Deputies
0%
Contacts
Click to view CMT register
Click to expand ↗
Third-Party Dependencies
Not Started
0
Suppliers
0
BCP Received
0
Alts Identified
BCP assessment coverage 0%
Click to view supplier register
Recovery Plans
0
IT Systems
0
Insurance Policies
Click to view recovery plans →
Communications
0
Channels
0
Templates
Click to view comms plan →
Facilities
Not Set
Configure alternative site details
Click to view facilities →
Emergency Contacts
0
Contacts
0
Recovery Box
Click to view directory →
BCP Compliance Checklist
0/25 Met
Threat Risk Summary
Risk appetite thresholds: Low ≤7 • Medium ≤14 • High ≥15
Key Dates & Review Schedule
The Business Impact Analysis identifies your critical business functions, assesses disruption impacts, and sets Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO). Recovery strategies must be realistic and achievable with available resources. Aspirational plans that cannot be executed under pressure provide false assurance.
1
Critical Business Functions
Identify and classify your business functions by criticality

List all business functions and assess their criticality. Functions supporting Important Business Services (IBS) under FCA SYSC 15A should be marked accordingly.

Business Function Department Criticality Supports Important Business Service (IBS)? Recovery Time Objective (RTO) Recovery Point Objective (RPO) Impact if Disrupted Actions
2
Impact Tolerances (SYSC 15A)
Set maximum tolerable disruption levels for each Important Business Service (IBS)
— auto

Set maximum tolerable disruption levels for each Important Business Service (IBS). Impact tolerances define the point at which disruption causes intolerable harm to consumers.

Important Business Service (IBS) Consumer Impact Max Tolerable Duration Max Data Loss Impact Tolerance Set Within Tolerance? Actions
3
Resource Dependencies & Mapping
Map people, technology, facilities, information, and third-party dependencies
— auto

For each Important Business Service (IBS), map the resources required to deliver it. Identify single points of failure and concentration risks.

Important Business Service (IBS) / Function People (Key Roles) Technology Facilities Third Parties Single Point of Failure? Actions
4
Financial Impact Assessment
Quantify financial losses from disruption scenarios
1
Threat Register
Identify, assess, and mitigate threats to business continuity
— auto

Assess each threat by likelihood and impact. The risk score determines priority for mitigation.

Threat Category Likelihood Impact Risk Score Risk Appetite Existing Controls Residual Risk Owner Actions
2
Stress Testing & Scenario Testing
Test resilience against severe but plausible scenarios (SYSC 15A.5)
— auto

Test resilience against severe but plausible scenarios. The FCA requires firms to test their ability to remain within impact tolerances under stress conditions.

Risk Category Stress Test Date Tested Result Actions / Comments Actions
3
Self-Assessment (SYSC 15A.6)
Assess ability to remain within impact tolerances and identify vulnerabilities
4
Governance & Oversight
Board accountability, SM&CR responsibilities, three lines of defence
1
Crisis Management Team
Key personnel with 24/7 contact details and deputies
— auto

The Crisis Management Team is activated when a BCP incident is declared. All members must be contactable 24/7.

Name Role / Title CMT Role Office Phone Mobile Personal Email Deputy Actions
2
Emergency Contacts Directory
External services, suppliers, insurers, and emergency contacts
— auto

Complete directory of emergency contacts. Keep in Recovery Box and accessible offline.

Service / Category Provider / Company Contact Name Telephone Email Reference / Policy No. Actions
3
Immediate Response Procedure
Step-by-step checklist for first 24 hours of an incident
— auto
4
IT Disaster Recovery
Critical systems, backup procedures, and recovery plans
— auto

Critical Systems Register

System Vendor Hosting Recovery Time Objective (RTO) Recovery Point Objective (RPO) Backup Frequency Failover Type Last Disaster Recovery (DR) Test Result Actions

Data Backup & Recovery

5
Communications Plan
Internal/external communication strategy during disruption

Notification Channels (Priority Order)

FCA Notification

Client Communication Templates

6
Facilities & Alternative Working
Office details, assembly points, alternative sites, remote working

Primary Premises

Fire Assembly Points

Alternative Working Arrangements

7
Insurance Details
Business interruption, cyber, professional indemnity, and property cover
— auto

Maintain a complete register of all insurance policies relevant to business continuity.

Insurance Type Insurer Policy Number Cover Level Excess Expiry Date Broker Actions
8
Recovery Box Contents
Essential items maintained offsite for disaster recovery
— auto

Maintain a Recovery Box at an offsite location containing these essential items. Review contents quarterly.

9
Third-Party & Supplier Dependencies
Critical supplier register, BCP status, and contingency plans
— auto

Track critical third-party dependencies and their business continuity arrangements.

Supplier Service Provided Criticality BCP Received? BCP Adequate? Alternative Supplier Contract Expiry Actions
Your Business Continuity Plan is generated from the data entered across all sections. Click "Generate with Anna AI" on any section for Anna AI-assisted content, or "Export Full BCP" to download the complete plan as a document.
Business Continuity Plan
—
Details
Add Item
0