Logo
About Us
Investment Services
Investment Strategies
FAQs
Contact Us

Business Continuity Plan

Ensuring continuity of service for our clients and partners

1. Introduction

1.1 Purpose

This Business Continuity Plan (BCP) establishes Nexus Arb 's framework for maintaining essential operations during disruptive events. As a tier 2 private institutional investment firm with exposure to early-stage, secondary, and over-the-counter (OTC) markets, we recognize the importance of protecting client assets and ensuring operational continuity. This plan addresses potential disruptions ranging from localized IT outages to region-wide emergencies and outlines procedures to mitigate risks, recover critical functions, and maintain service integrity under adverse conditions.

1.2 Scope

This BCP covers all critical operations supporting our three client segments:


  • Private Clients: High-net-worth individuals with concentrated positions
  • Corporate Clients: Family offices and mid-market corporations
  • Institutional Clients: Hedge funds, PE firms, and asset managers

The plan encompasses our Macao headquarters, our Hong Kong Backup Operations Centre (BOC), a non-operational disaster recovery facility not licensed for regulated activity, and all remote trading personnel. The BOC is designated exclusively for contingency use during operational disruptions affecting primary functions.

1.3 Key Objectives

  • Limit financial losses to <1% of AUM during extended outages
  • Maintain 99.5% uptime for client reporting systems
  • Execute time-sensitive OTC trades within 15 minutes of market events
  • Comply with AMCM regulatory requirements
  • Adhere to ISO 22301 international business continuity standards

BCP Governance

This plan is reviewed annually by the Risk Committee and approved by the Board. Last stress test conducted: June 15, 2025.

2. Business Impact Analysis

2.1 Critical Business Functions

FunctionRTORPOImpact if Disrupted
Trade Execution (OTC/Secondary)4 hours15 minutesLoss of liquidity, client trust erosion
Client Portfolio Management8 hours1 hourCompliance breaches, client dissatisfaction
Fund Operations (Early-Stage)24 hours4 hoursDelayed capital calls, legal risks
Compliance & Reporting12 hours1 hourRegulatory penalties, audit failures
IT Infrastructure2 hoursReal-timeOperational paralysis

2.2 Risk Assessment

RiskLikelihoodImpactMitigation Strategy
Cyberattack (Ransomware/Phishing)HighSevereMulti-factor authentication, offline backups, CrowdStrike EDR
Data Center FailureMediumHighAWS/GCP multi-region deployment, 15-minute failover
Key Personnel UnavailabilityMediumHighDeal team shadowing; redundancy across Singapore/Taiwan/Hong Kong for continuity
Market Disruption (Black Swan)LowExtreme10% cash buffer; pre-negotiated liquidity lines with counterparties
Natural DisasterMediumHighActivate Hong Kong backup operations center (BOC); remote work protocols

3. Crisis Management & Response

3.1 Emergency Response Team

RoleResponsibilitiesBackup
BCP CoordinatorOversees execution, regulator liaisonCOO
IT Recovery LeadSystem restoration, data integrityDeputy CTO
Operations HeadTrade continuity, client commsHead Trader
Compliance OfficerRegulatory adherence, disclosuresDeputy Compliance Lead

3.2 Incident Response Protocol

Activation Thresholds:

  • Level 1 (Minor): Single system outage (<4 hours)
  • Level 2 (Major): Office inaccessible (<24 hours)
  • Level 3 (Severe): Regional disaster (>24 hours)
  1. Detection: Automated alerts via internal monitoring systems
  2. Assessment: ERT convenes via secure internal VoIP within 30 minutes
  3. Containment: Isolate affected systems, activate backup generators
  4. Client Communication: Tiered outreach starting with institutional clients
  5. Recovery: Execute Hong Kong failover if Macao compromised

4. Recovery Strategies

4.1 IT & Data Resilience

  • Primary Data Center: Equinix SG1 with 99.99% SLA
  • Backup: AWS Singapore (ap-southeast-1) with 15-minute RPO
  • Endpoints: Full disk encryption, remote wipe capability
  • Trading Systems: Redundant Bloomberg terminals in Hong Kong

4.2 Alternate Worksites

HK Backup Trading Floor

  • 10 pre-configured workstations
  • Secure VPN access to all systems
  • Dedicated Bloomberg/Refinitiv terminals

Remote Work Protocol

  • Citrix VDI for secure access
  • Hardware token 2FA required
  • Encrypted internal VoIP for trader communication

4.3 Vendor Continuity

  • Bloomberg: Priority support contract (4-hour response)
  • Prime Brokers: Pre-negotiated backup capacity at 3 firms
  • Legal Counsel: 24/7 emergency contact protocol

5. Communication Plan

5.1 Internal Stakeholders

AudienceChannelFrequency
Trading TeamsSecure internal messaging, SMSReal-time updates
All EmployeesEmail, internal VoIP briefingHourly during crisis
Board MembersSecure portal, 1:1 callsWithin 4 hours

5.2 External Stakeholders

AudienceProtocolEscalation
Institutional ClientsPersonal calls from PMsCIO involvement
Corporate ClientsSecure client portal updatesHead of Client Service
RegulatorsAMCM template filingsCompliance Officer

6. Testing & Maintenance

Testing Schedule

  • Quarterly: Desktop walkthroughs of scenarios
  • Biannual: IT failover to backup systems
  • Annual: Full-scale Hong Kong office activation

Maintenance Protocols

  • Contact lists updated monthly
  • Vendor reviews after each test
  • BCP revisions post-incident

7. Approval & Review

This document represents the official Business Continuity Plan of Nexus Arb 's last update, June 2025.

Approved by:
Raymond Wong
Chief Executive Officer
June, 2025

Next Scheduled Review:
Risk Committee
June, 2026

Appendices

Appendix A

Emergency Contact List

For access, please contact the Compliance Dept.

Appendix B

System Recovery Checklists

For access, please contact the Compliance Dept.

Appendix C

Regulatory Compliance References

For access, please contact the Compliance Dept.

BCP Document Control

Version:3.2
Confidentiality:Internal Use Only
Distribution:Senior Management, Risk Committee