• Terms and Conditions
• Privacy Policy
• Business Continuity

Looking for BlackRock capabilities and product information?

Visit your local site

Select your location Australia Belgium Canada 中国 Deutschland España France 香港 - Hong Kong India Italia 日本 한국 Latin America Magyarország Nederland Österreich Polska Portugal Singapore Switzerland 臺灣 United Kingdom United States Location Not Listed?

BlackRock has an active business continuity program that seeks to minimize the impact of computer- or facilities-related emergencies or external events on BlackRock and our ability to service our clients. BlackRock’s Board of Directors and Executive Committee are responsible for oversight of the firm’s business continuity program. The Business Continuity Management group manages the program.

BlackRock’s business continuity program has several key elements:

• Business Continuity Planning
• Business Impact Analysis
• Disaster Recovery Testing
• Employee Awareness Programs
  

Business Continuity Planning

Business Continuity Plans (“BCPs”) are the administrative and operational procedures established within an organization to reasonably assure continuity of operations in the event of a disruption of processing capabilities. BlackRock management, through the Business Continuity Management group, is responsible for assessing business continuity risks and for implementing, testing and maintaining BCPs.

To attain the goal of resuming critical business functions at an alternative site within 24 hours or less of an emergency, we have developed written business continuity plans for our major offices. The plans include recovery strategies for personnel, data, communications and information processing. The program includes the following components:

• Different plans for different disaster scenarios;
• Procedures to activate disaster recovery plans, and for management of the recovery effort;
• Prioritized lists of business functions and technology services, with target recovery timeframes;
• Checklists for immediate response, outside party notification and damage assessment;
• Employee emergency pocket cards that contain procedures for employee evacuation, assembly, check-in and communication;
• Tools to streamline employee notification and communication;
• Procedures for fail-over and testing;
• Contact information for employees, clients, broker-dealers, custodian banks, backup tape vendors, technology vendors, recovery service vendors and other critical contacts; and
• Recovery sites to continue operations.

We update the BCPs periodically to reflect changes in our business and technology environments. Plans are maintained for BlackRock’s business operations in all major offices and for the services provided to BlackRock’s clients. Plans for smaller offices are also maintained; they are based on the business functions performed at each office.

Critical third-party systems are included in BlackRock’s BCPs and scheduled disaster recovery tests.

We regularly make tape backups of selected servers, including nightly backups of our database and file servers. Backup tapes are stored at secure off-site facilities and are periodically tested.

With regard to client assets, market-traded securities are held in central depositories (such as the Depository Trust Co. in the U.S.) or with custodian banks, rather than in physical certificates. Ownership of the securities is reflected on a book-entry record-keeping basis with our custodian banks or depositories’ participants (such as Merrill Lynch) maintaining on their records the beneficial ownership positions of their customers. This structure is recognized worldwide as providing investors with an unsurpassed level of liquidity and security. BlackRock’s broker-dealer subsidiaries comply with the Financial Industry Regulatory Authority’s NASD business continuity-related rules 3510 and 3520.

Business Impact Analysis

Our Business Impact Analysis (BIA) program is designed to ensure that the firm’s BCPs continue to address all critical business functions and underlying technology services. Each department periodically reviews and updates their business continuity needs through a formal Business Impact Analysis program managed by the Business Continuity Management group. Recovery Time Objectives (RTOs) are created for all critical business functions and services as part of our BIA program.

The results of this program are used to perform a “gap analysis” to identify potential areas of improvement for the BCPs. The appropriate groups address any significant gaps and revise the BCPs.

Disaster Recovery Testing

BlackRock personnel test the disaster recovery plans for our major offices and primary data centers at least annually. The tests are designed to enhance our ability to perform necessary procedures to continue operations of critical business functions in the event of a disaster. The tests also identify areas of potential improvement in the BCPs and provide an opportunity for key personnel to rehearse recovery procedures, thus improving their familiarity with the procedures. To increase the number of people who are familiar with the recovery procedures, successive tests are typically performed by different sets of employees.

Selected tests include significant involvement from key end-user departments throughout the firm. These tests strengthen our recovery capabilities by verifying that critical systems meet the needs of the end users, and by increasing awareness of business continuity and disaster recovery issues.

Employee Awareness Programs

BlackRock uses several methods to keep employees aware of the critical role that they play in preparing for any potential disruption or incident. Primary methods used include disaster recovery tests, fire drills, annual compliance seminars, emergency pocket cards and periodic e-mails.

Last revised: Novermber 2008