Feds back off proposed disaster recovery regs for Wall Street

Computerworld - Federal regulators have reportedly dropped a proposed plan to require Wall Street firms to move their disaster recovery data centers 200 to 300 miles away from primary data centers, according to an announcement by a U.S. senator today.
In letter to U.S. Sen. Charles Schumer (D-N.Y.), the heads of the Federal Reserve System, the U.S. Office of the Comptroller of the Currency (OCC) and the U.S. Securities and Exchange Commission said they will now work individually with companies to develop contingency plans that will help keep backup sites in New York.
"At a time when New York is scrambling to keep businesses downtown in the wake of 9/11, it would have been disastrous to force the mainstays of New York's financial industry to move out of the city," Schumer said in a statement.
Schumer, a member of the Senate Banking Committee, which has oversight over federal financial agencies, based his analysis of regulators' plans on a Dec. 23 letter from the board of governors of the Federal Reserve System, the SEC and the OCC. That letter said, in part:

"Some of the public accounts, including commentary on prospective job migration, have not accurately described the draft white paper. The draft white paper does not recommend as a sound practice that firms move out of center-city locations. Nor does it set specific minimum distance requirements for back-up operations or mandate the size of the staff at such operations."
"As we go forward ... we also intend to work on a case-by-case basis with those firms that the agencies deem critical to the U.S. financial markets as they develop contingency plans to respond to new post-Sept. 11 risk issues."

Federal regulators released an interagency white paper earlier this year, titled "Sound Practices to Strengthen the Resilience of the U.S. Financial System," which was criticized by financial services firms as not being able to "accommodate the unique complexity of individual firms."
The Banking Information Technology Secretariat (BITS), a Washington-based organization made up by the 100 largest financial services firms in the U.S., wrote a comment letter in October to regulators that opposed several parts of the plan.
"The regulators are trying to do the right thing, but let's do it in a way where we don't impose excessively high costs or implement something that is technologically not possible to do," said John Carlson, senior director of BITS.
Fibre Channel, which is the common network protocol between data centers, currently has a distance limitation of about 70 miles.
Carlson said BITS continues to work withregulators on identifying vulnerabilities of the financial services industry, including what investments could strengthen disaster recovery sites, testing of companies' business continuity plans and what role the government may play in providing economic incentives or aid for the telecommunications industry.