Mastering disaster: Do you have a contingency plan?

Jo Gibson, operations director at First Capital Cashflow, explains the importance of businesses having contingency plans in place to mitigate against unforeseen disasters that have the potential to disrupt essential business activity, particularly when it comes to payment processing.

Over the past few years a number of the UK’s biggest organisations have fallen foul of unforeseen disasters. First it was Morrison’s, then Marks and Spencer and even the big finance player Sage Payroll. They have all experienced an unwanted disaster that has threatened to jeopardise the company’s position in the market.

Recent activity has put the safety and security of delicate data at the forefront of business owner’s minds, with the need to protect customers’ information from such disasters becoming increasingly important.

As technology becomes more and more integral to business life, extensive contingency plans should be put in place to mitigate against any unwanted disasters that could harm the day to day operations of a successful business.

Failure to process important business transactions such as payments can seriously threaten the future operations of a business. Organisations that need to keep cash flowing on a daily basis, especially to meet payment deadlines, simply cannot afford to become unoperational due to unforeseen events. Bacs, the organisation behind the clearing and settlement of UK automated payment methods, Direct Debit and Direct Credit recommend all users have a contingency plan in place to ensure minimum disruption should a disaster occur.


According to the Business Continuity Institute’s Horizon Scan 2017 report, cyber-attack is the number one concern for business continuity professionals for the third year running. Hacks and data breaches are the most common cyber-attacks and the threat of sensitive information being leaked is every business’s worst nightmare.

Small and medium-sized companies are constantly at risk from harmful viruses that have the potential to completely lock files, remove access to data and even shut down an entire business. In this case, a thorough back-up plan is paramount to ensure that information is protected and vital systems can continue to operate.

However, it’s not just malicious cyber-attacks that businesses should worry about. There are many other risks including burglary, flooding and large scale fires. Many businesses are unaware of the potential crises that could unfold until one occurs, leaving them extremely vulnerable and unable to meet obligations to customers and suppliers.

Staff holidays and sickness, even loss of company access cards can affect day to day business performance. These scenarios are often over looked and actually can cause major disasters, especially for smaller businesses where staff numbers aren’t as high and operations can be stretched should key team members be absent.

As with a lot of disasters, they seem to arrive at the worst possible moment, so having stringent plans in place to help prevent or minimise the disruption can be priceless in the long-run.

Disaster planning

There is no ‘one size fits all’ approach when it comes to contingency planning and disaster recovery. Every business is unique and therefore every contingency plan will be different.

It is important to establish early on a dedicated team of senior members within the business who will be responsible in the event of a disaster. These people will be on hand to quickly mobilise resources, reassure clients and customers about the situation, brief staff about the current situation and even liaise with the media in the event of a large scale disruption.

Highlighting key processes that cannot stop working in the event of a disaster will also help businesses to formulate a clear disaster recovery strategy. One of the most crucial services for almost all businesses is being able to continue to processing payments, particularly if a business collects more makes payments using automated systems like Direct Debit or Direct Credit. Its vital businesses are able to do this at the agreed time, whether that requires bringing in emergency support from an external organisation or using cloud-based technology that can be accessed remotely.

Work backwards from the worst possible scenario and decipher which key processes could would need to function seconds after the disaster!

Disaster prevention

Although some disasters simply cannot be prevented, there are many steps that businesses can take in order to minimise the disruption that could potentially arise.

Using cloud-based software considerably minimises downtime in the event of a disaster. Information can be easily accessed remotely, anytime and anywhere, should the office be temporarily closed for whatever reason. The cloud also provides an extra layer of security, eliminating the potential threat of data being affected by incidents that may arise at a company’s offices – such as burglary or human error.

Another big advantage of the cloud is the ability to host information in an outsourced, offsite data centre. Data centres provide a cast iron level of security, they are the highest quality environment possible for data storage, with experts in their field on hand to tackle any unwanted incidents. This helps to prevent any cyber security breaches that could cause a disaster situation.

Additionally, having the ability to regularly and incrementally back up sensitive information can alleviate any long-term problems that may occur with any unexpected disaster, ensuring systems can be restored quickly to get essential processes back up and running.

Prevention is always better than cure. The best way to mitigate against as disaster is to put comprehensive plans in place beforehand to ensure essential services, for example payments, can be quickly restarted in the event on a disaster situation.

Jo Gibson is the operations director at First Capital Cashflow, a payments processing company with over 15 years’ experience in managing and facilitating Direct Debit and Direct Credit payments for businesses and organisations across the UK.

Praseeda Nair

Praseeda Nair

Praseeda was Editor for from 2016 to 2018.