Business Continuity

A list of suggested questions to ask your Direct Debit provider about their Business Continuity Plan (BCP).


You should include a section in your RFP asking your payments provider about their Business Continuity Plan (BCP).

Suggested questions to ask include:

Question Explanation
1. Do you have a Business Continuity Plan (BCP)? If so, please attach to this RFP. If not, please explain your processes around Business Continuity, i.e. procedures for recovery from a partial or total loss of your services due to a technical failure. A BCP is a step-by-step explanation of what the process is for restoring data and availability of the service after any adverse event, both major and minor. It should explain the exact steps taken, resolution times, and key risks - in particular, how much data would be lost in a major event.
2. How frequently do you create data backups? These should be as close to real-time as possible to minimise potential data loss.
3. For how long are these backups retained?
4. Where are these backups stored?
5. How are backups secured?
6. In a disaster event, how long would it take you to restore the system from these backups? Would any data be lost, and if so, how much? Naturally, you should be looking for an answer as soon as possible and no data loss. 2-4 hours is a good answer here.
7. How are employees kept aware of the BCP? This should be a quarterly/semi-annual review with the person in charge.
8. How frequently is the BCP reviewed and how do you ensure that it is kept up to date? This should be quarterly/semi-annually reviewed by a senior team member.
9. Who has responsibility for deciding to invoke the BCP? This is usually the Head of IT/Engineering or Security.
10. When was your BCP last tested? Describe how testing took place. The organisation should have simulated a disaster event to ensure all steps of the process work.
11. Describe your review process in the event of a disaster that required the BCP to be invoked. The organisation should perform a retrospective and take specific actions to improve the process in case of future adverse events.

Our sample RFP includes all of the questions above and more. You can download it here and use it as a template for creating your own.

Note: The questions suggested on this page are intended as a starting place for writing your own RFP. They're provided for general information only: they're not intended to be prescriptive or to provide legal advice. We suggest working closely with your management to develop an RFP that is tailored towards the specific requirements of your business.

‹ View table of contents Next page ›

Latest features

Security vs. convenience in the payment experience: What matters most to online shoppers?

We surveyed 4,000 customers across the UK, France, Germany and Spain about their attitudes to security and convenience when shopping online. Get all the insights here.

The new CFO: How 4 CFOs have seen their roles evolve

Hear from the CFOs at GoCardless, SideTrade, The FD Centre and Wolffepack as they discuss how the role has evolved – with insight into the challenges and opportunities they face in a changing financial landscape.

How to scale a fintech: Strategic advice from industry leaders

Learn from the leaders of Monzo, TransferWise, Funding Circle and more, with over 30 pieces of wisdom for scaling your fintech. Get your free copy now.

View all


Reference guides

View all