Data intrusion, Ponzi schemes, weather events, health pandemic emergences, branch robberies, terror threats and attacks, earthquakes, tsunami tidal waves, cyber attacks, “Occupy” events and other events pose risk to assets, people and reputation.

These events and others fall within the description of “critical incidents.” As mandated by government regulations and best business practices credit unions have implemented extensive and robust business continuity and business contingency plans. These plans coupled with post-event recovery practices have helped financial institutions retool in many circumstances.

However, a business gap exists in this traditional business approach. In between BCP and recovery is the process of critical incident management.

This article provides a high-level introduction to the subject including critical incident management roles and tasks for credit unions.

Critical Incident Definition and Impact on Credit Unions

A critical incident is any event or series of events that has caused, or could lead to one or more of the following:

• People being harmed, injured or killed
• Disruption of business
• Disruption to customer service
• Financial losses
• Reputational damage to the financial institution
• Compliance compromise

All credit unions regardless of size, location, product offerings and security measures are vulnerable to human exploitation and natural disasters. These threats result in critical incidents. The incidents can originate from:

• Natural disasters
• Disgruntled or troubled employees, former employees or customers
• Individuals or groups engaged in criminal activity and/or technology intrusion
• Gangs, drug dealers, organizations or cartels, ethnic organized crime groups, terrorists or terrorist groups

Typically, credit union leaders do not possess expertise in emergency critical incident management to respond competently to incidents. These leaders should not be expected to be critical incident management experts.

What is needed is a system to have information, procedures, guidelines and practices in place to enable leaders to manage a critical incident. The operational goal(s) of credit unions critical incident management leaders is to:

• Restore normal operations as quickly as possible
• Minimize impact on business operations
• Ensure best possible level of service quality and availability is maintained
• Contain incident – enhance safety and prevent loss
• Minimize chaos and disruption
• Maximize communications, continuity and organization

The organizational challenge with any type of incident response lies in the ability to utilize existing human capital and technology tools. Unfortunately in times of a crisis, credit union employees have had to rely on information contained in a five-inch response manual notebook sitting on the shelf covered with dust.

Alternatively the credit union should have user-friendly tools including guides, checklists and procedures that are integrated with easily accessed technology software. These tools should be available to all employees' enterprise wide. The software utility should include functionality to:

• Organize CU response quickly and consistently
• Communicate effectively between levels of response and management
• Locate and communicate with resources, internal and external, on a 24/7 basis
• Maintain business continuity and manage the impact of the incident on the organization at the highest level while others unify their scene response to resolve the incident
• Demonstrate “day-to-day” compliance with regulatory mandates

During a critical incident there are four levels of response and management. In most credit unions personnel participate in all four levels. The levels include:

1. Initial response by employees
2. Incident scene management using command post concept
3. Administrative level management using an emergency operations center
4. Executive policy group

An Opportunity for Thought Leadership

Most credit unions have installed and deployed business continuity planning and software and have detailed business recovery steps. In comparison, critical incident management programs and software have not been integrated. Critical incident management is needed to fill the operational gap to elevate organizational effectiveness and mitigate threat risk.

Robert A.Goldfinger is president of Lormel Goldfinger Global Group LLC and subject matter consultant for BowMac Software.