How Analytics Is Aiding Banking Compliance

How Analytics Is Aiding Banking ComplianceRegulations are costly and time consuming for banks, and they need to stay on top of their data.

Banks struggled to put this information together, highlighting a complacency and malaise that likely exacerbated the problems of the crisis. Lehman Brothers’ collapse heralded the beginning of a new era of regulations, though, with Dodd Frank, which was introduced in 2010, and Basel III in 2011 among the most far-reaching and complex. Over $100 billion in fines have been paid in US for non-compliance since 2007, and with a new Republican-led regime entering power, it is unclear what the future holds.

The time and cost of regulatory compliance and reporting vastly increases with every new regulation. Regulatory bylaws must, by their very nature, be thorough, and many contain hundreds of pages of information. Keeping up with these causes additional stress to financial services institutions, at a time when new competition from FinTech is creeping up the sides.

This article originally appeared in Innovation Enterprise .  To read the full article, click here.

Balancing Agility And Risk At US Bank

Balancing Agility And Risk At US BankBalancing Agile and Risk Mitigation

As a heavily regulated financial institution, U.S. Bank is rightfully risk-adverse. Nevertheless, it must balance day-to-day operational risk with the strategic risk inherent in not changing quickly enough, and thus losing its competitiveness in today’s turbulent digital environment.

Achieving this balance depends in large part on the software development organization, as all banks are becoming software-driven enterprises, yet must maintain a constant focus on compliance and security.

Dealing with auditors, therefore, is an important part of Peterson’s work. “The auditors seek to ensure the steps taken to manage the  book of business is sound,” she says. “We’ve checked and double-checked our numbers and here’s proof electronically.”

In other words, the role software plays in the auditing process has changed – and with it, auditing itself. Auditors don’t simply pore over spreadsheets. Today, they can review reports from software that can guarantee the data in those spreadsheets are in order.

In fact, the more proactive Peterson’s team can be on compliance matters, the better. “We need to identify technology solutions to fill gaps, so we’re able to be audited and align to the auditors’ checklists,” she says. “We’re not only removing manual tasks; we’re making the software efficient enough to do what is needed to support all aspects of the business.”


View Source

The 3 Compliance Questions to Ask

The 3 Compliance Questions to Ask

As companies move to cloud, they require more certainty around export compliance.

Of the many complexities associated with cloud computing, export compliance laws arguably are some of the thorniest. From a legal and technical perspective, the export compliance laws currently on the books—as they vary from country to country—can make even the savviest and most experienced attorneys’ and engineers’ heads spin.

All enterprises must adhere to a variety of industry- and country-specific rules related to important security, data privacy, taxation and export controls. But these rules become especially murky around cloud services. For example, if a U.S.-based company provisions a virtual machine abroad, say in China, does it need to develop region-specific export controls?

Export compliance rules raise other, broader questions. For example, how do you retain agility while complying with the necessary regulations? And how do those regulations and controls vary according to workload? Like tax regulations, rules for collecting and distributing user data vary depending on location.

Not having the proper compliance protocols in place can have serious implications. Say your client is expanding into a foreign market and, at the last minute, they request a number of changes that have not been evaluated from a compliance perspective. Either the expansion is delayed, which could be damaging from a reputation and financial perspective, or the company runs the risk of being cited for compliance violations.

So, as more and more companies expand globally, how can they prepare to meet the compliance challenges stemming from cloud computing?

Read the source article at
Original Author: Contributor

Scaling Collaboration in DevOps

Scaling Collaboration in DevOps

Those familiar with DevOps generally agree that it is equally as much about culture as it is about technology. There are certainly tools and practices involved in the effective implementation of DevOps, but the foundation of DevOps success is how well teams and individuals collaborate across the enterprise to get things done more rapidly, efficiently and effectively.

Most DevOps platforms and tools are designed with scalability in mind. DevOps environments often run in the cloud and tend to be volatile. It’s important for the software that supports DevOps to be able to scale in real time to address spikes and lulls in demand. The same thing is true for the human element as well, but scaling collaboration is a whole different story.

Collaboration across the enterprise is critical for DevOps success. Great code and development needs to make it over the finish line to production to benefit customers. The challenge organizations face is how to do that seamlessly and with as much speed and automation as possible without sacrificing quality or performance. How can businesses streamline code development and deployment, while maintaining visibility, governance and compliance?

Read the source article at
Original Author: Tony Bradley

Seven points to understand about cloud security

Seven points to understand about cloud security

For example, real-time monitoring and enforcement of policies can not only address performance and reliability issues before the problems become serious but they can also detect and mitigate potential compliance issues. Automating in this way reduces…

By recognizing and addressing the specific risks associated with use of cloud solutions, companies can overcome their fears and shift from a strategy built around minimizing change to one optimized for change says Gordon Haff.


Read the source article at IT security news, reviews and opinion

Healthcare security and HIPAA: Why compliance and security are still lacking

Healthcare security and HIPAA: Why compliance and security are still lacking

A number of healthcare data breaches have made the news of late, particularly involving large insurance companies and data clearinghouses. As the media portrays the situation, our private health information is leaking to the outside world at an alarming rate. Based on Bitsite’s recently-released Third Annual Industry Benchmark Report, we should not be surprised. Based on the Bitsight report, the healthcare industry is near worst in overall security, with only education below them.

Read the source article at

Original Author: Robert C. Covington

Security and Compliance Issues Expected to Use One-Third of IT Budgets

Security and Compliance Issues Expected to Use One-Third of IT Budgets

Unfortunately for many organizations, the best security and compliance tools don’t come cheap. Nor will these security essentials become less expensive in the future, as hackers’ techniques become more sophisticated.

A new Gartner study reveals that in order to protect against growing cybersecurity threats, typical IT organizations will likely spend up to 30 percent of their budgets on security by 2017 — triple the amount spent just a few years ago.

Security Shouldn’t Be So Complicated

Read the source article at PivotPoint

Original Author: Sue Poremba

3 “Rs” Of Monitoring Dodd-Frank Trade Reporting in Real-time

Dodd-Frank Trade Reporting ComplianceDodd-Frank Trade Reporting isn’t coming … it’s here. February 28, 2013 was the date that Major Swap Participants (MSPs) were required to begin reporting equity, foreign exchange and other commodity swaps. And this is just the beginning of a series of milestones in the regulation that was designed to prevent future “too big to fail scenarios,” such as what occurred during the Global Financial Crisis of 2008. But, there is a bigger story here around regulation and compliance and how IT is used to ensure transparency, accuracy and accountability in reporting.

Read More…

Real-time Compliance Monitoring at SIFMA

Win a tablet in the Nastel booth at SIFMANastel will be at SIFMA in NYC  June 18-19, booth #1207. We will demonstrate our solution for real-time monitoring of Dodd-Frank Trade Reporting compliance.  
The solution use message tracking across WebSphere MQ, Message Broker, DataPower, TIBCO and other environments to present the lifecyle of a reportable trade, in real-time.
If you are at SIFMA, stop by, say hello and see the demo.  
We will also have a raffle for a tablet at the show.