Namibia 30 Index (NAX30)
Version 2.0 – Tier-1 Institutional Operational Resilience Framework
Effective Date: February 2026
This Business Continuity Plan (BCP) outlines the framework designed to maintain operational resilience of the Namibia 30 Index (NAX30) in the event of disruption.
The objective of this Plan is to:
- Preserve benchmark integrity
- Maintain calculation continuity where possible
- Ensure governance functionality
- Protect data integrity
- Mitigate operational interruption risk
This Plan applies to administrative, governance, oracle, smart contract, and data infrastructure components of the NAX30 framework.
This Plan addresses continuity risks across:
- Benchmark Administration
- Governance (Multi-Signature Safe + TimelockController)
- Oracle Infrastructure
- Smart Contract Infrastructure
- Data Sourcing
- Public Blockchain Network Dependency
- Third-Party Infrastructure Dependencies
NAX30 operational continuity depends on:
- Official NSX data availability
- Oracle operator participation (2-of-3 quorum)
- Governance signer coordination
- BNB Smart Chain network availability
- Administrative oversight
- Infrastructure providers (node access, RPC endpoints, hosting environments)
Failure in one component does not automatically result in benchmark failure due to structural redundancy.
Target Recovery Time Objective (RTO):
Operational recovery efforts are initiated immediately upon detection of disruption. While no guaranteed recovery time can be assured due to blockchain and exchange dependencies, the Administrator targets restoration of benchmark functionality within commercially reasonable timeframes.
Target Recovery Point Objective (RPO):
On-chain data persistence ensures zero historical data loss under normal blockchain operation. Off-chain administrative records are retained in accordance with internal record retention policy (minimum five-year retention).
Disruptions are categorized as follows:
-
Level 1 – Minor Disruption:
Temporary delay in oracle submission or administrative coordination. No benchmark integrity impact. -
Level 2 – Material Disruption:
Oracle quorum interruption, exchange trading halt, or calculation delay impacting timely publication. -
Level 3 – Critical Integrity Event:
Smart contract vulnerability, governance compromise, systemic exchange failure, or data corruption affecting benchmark validity.
Escalation procedures scale according to classification level.
Governance operates under threshold-based authorization.
Continuity safeguards include:
- Multiple independent signers
- Geographic distribution of signers where feasible
- No reliance on a single individual
- On-chain execution transparency
Loss of one signer does not disable governance provided quorum remains intact.
If a signer key is:
- Lost
- Compromised
- Inaccessible
Governance may:
- Remove the affected signer
- Replace with a new signer
- Execute replacement via timelock
All changes are publicly auditable.
The oracle system operates under a 2-of-3 quorum model.
If one oracle fails:
- Remaining two may continue submissions
If quorum is not met:
- Index update may pause
- Last valid index level may remain published
If an oracle operator becomes unavailable:
- Governance may propose replacement
- Replacement requires Safe approval and timelock scheduling
- Change is publicly verifiable
Oracle operators are expected to maintain operational independence and infrastructure redundancy.
If official NSX data becomes temporarily unavailable:
- The most recent validated traded price may be used
- Index calculation may pause
- Governance review may be initiated
If prolonged disruption occurs:
- Governance may evaluate alternative sourcing
- Any change must follow formal governance process
- Public documentation must be updated
NAX30 smart contracts:
- Are deployed on BNB Smart Chain
- Utilize upgradeable proxy architecture
- Are publicly verifiable
If a vulnerability is identified:
- Governance review is initiated
- Upgrade proposal may be scheduled
- Timelock delay is enforced
- Upgrade execution is publicly recorded
No emergency bypass exists outside defined governance mechanisms.
If BNB Smart Chain experiences:
- Network outage
- Congestion
- Validator instability
- Reorganization events
Index updates may be delayed.
Smart contract state remains persistent once network stabilizes.
Governance may delay structural changes during network instability.
The Administrator does not control blockchain validator operations.
The Benchmark Administrator maintains:
- Repository documentation backups
- Governance access control protocols
- Internal coordination procedures
- Administrative record retention safeguards
Corporate-level disruption does not automatically invalidate on-chain benchmark logic.
Operational resilience includes:
- Secure key management practices
- Multi-device signer distribution
- Segregation of oracle infrastructure
- Restricted administrative access
- Periodic access review
Absolute security cannot be guaranteed.
In the event of material or critical disruption:
- Notice may be published via official repository or website
- Governance execution events remain publicly visible on-chain
- Structural changes remain subject to timelock transparency
The Administrator does not guarantee real-time incident disclosure in all circumstances.
In extraordinary circumstances including:
- Exchange closure
- Oracle failure
- Smart contract vulnerability
- Governance capture risk
- Systemic data corruption
Governance may:
- Temporarily suspend index updates
- Maintain last validated index level
- Initiate remediation process
All actions require formal governance execution.
If continuity cannot be restored due to:
- Regulatory prohibition
- Irrecoverable infrastructure failure
- Governance dissolution
- Force majeure event
Cessation may be proposed.
Cessation requires:
- Governance proposal
- Safe approval
- Timelock scheduling
- Public execution
Historical index data remains on-chain.
The Administrator shall not be liable for disruptions caused by:
- Natural disasters
- War or civil unrest
- Government intervention
- Exchange closure
- Telecommunications failure
- Widespread cyberattack
- Systemic blockchain failure
Force majeure events may impact calculation continuity.
NAX30 relies on:
- Namibia Securities Exchange data
- BNB Smart Chain network
- Oracle operators
- Node and infrastructure providers
The Administrator does not control third-party infrastructure and cannot guarantee uninterrupted service from external dependencies.
If the Administrator is unable to continue operations:
- Governance may designate successor administrative authority
- Documentation and smart contract control remain on-chain
- Succession must follow governance procedure
No automatic transfer occurs outside governance authorization.
This Business Continuity Plan may be reviewed annually.
Governance may:
- Test recovery procedures
- Evaluate oracle redundancy
- Review signer distribution
- Assess operational resilience effectiveness
Amendments require formal governance process.
This Plan does not eliminate:
- Market risk
- Regulatory risk
- Blockchain systemic risk
- Force majeure events
- Liquidity disruption
It provides structural mitigation, not risk elimination.
The Administrator does not guarantee:
- Continuous index calculation
- Uninterrupted availability
- Real-time update frequency
- Market price stability
The benchmark may experience delay, suspension, or cessation in extreme conditions.
This Business Continuity Plan describes operational resilience mechanisms for the NAX30 benchmark framework.
It does not:
- Guarantee uninterrupted availability
- Guarantee price stability
- Create fiduciary obligations
- Eliminate systemic risks
Regulatory interpretation may vary by jurisdiction.
End of Business Continuity Plan.