A review of compliance requirements faced by financial sector organisations
Authored by James Carver, Managing Director, Business Continuity and Risk Management, Onyx Group
Compliance Requirements in the Financial Sector
Banking and financial services companies are faced with increasingly stringent compliance requirements when managing their data. Compliance requirements can relate to anything from data backup to how the original data is stored, creating a need for safe and reliable data storage solutions.
A number of high profile cases have been reported involving inaccurate records and data loss, as a result of failing to comply with regulations. Most recently, in October 2012, the Financial Services Authority (FSA) fined the Bank of Scotland (BOS) £4.2 million1 for failures in their systems which meant it held inaccurate mortgage records for 250,000 of its customers.
It is vital to protect any information that relates to any transaction or that could be used as part of a transaction. As a result, every stage of communication, whether it is written or verbal, needs to have an audit trail and be defendable against litigation. For example, it is common practice for voice recordings to be taken and emails to be archived and stored securely.
Each “type” of data has a life cycle and generally each organisation will employ a compliance officer to ensure that it is handled in line with regulations. Depending on the institution, the number of compliance requirements can vary. Guidelines exist to help individuals manage processes and safeguard against risk, such as data loss and the illegal use of privileged information. Data backup strategies are recommended to protect against accidental deletion of data, virus outbreaks, floods or fires, disk failures or theft.
Organisations and institutions that might be making investment decisions for financial institutions, such as pension funds, are also guided and protected by regulatory compliance. In addition to this, some organisations can operate on both sides of a “deal” so they might be offering advice to both buyers and sellers. When this is the case, there needs to be clear, demonstrable demarcations with data and user separation, so as one discipline does not influence the actions of the other.
What do I need to adhere to?
There are a number of regulations that must be adhered to in order to ensure that data is safe and secure. For example, the AICPA (American Institute of Certified Public Accountants) developed and maintains the SAS 70 (Statement on Auditing Standard 70)2, which relates to the processing of transactions by service organisations and can be used to show transparency to customers and regulatory bodies. Some of the many service organisations that are guided by this include insurance claim processors, credit processing companies and clearing houses.
The SAS 70 audit has grown increasingly popular with the implementation of the Sarbanes-Oxley Act of 2002, which suggests using SAS 70 as an important resource to show the effectiveness of a service organisation’s internal controls and data security safeguards.
Overcoming Compliance Challenges
It can be challenging for companies to fully understand compliance requirements as their interpretation can differ from the Financial Services Authority’s (FSA) understanding. For example, regulatory guidelines often use phrases such as “we would expect a company operating in this market to have effective disaster recovery (DR) procedures”, giving an element of choice as to whether companies wish to do so, or as to whether that provision is adequate. Another example is the discrepancy in the area of taking voice recordings from mobile phones. While some companies strictly adhere to regulations and record mobile phone conversations, others simply use internal company policy and ban mobile phone use, but then do not log instant messaging (IM) or conversations via online chat services. These discrepancies can often result in companies receiving fines for non-compliance. Further confusion results when the fines are higher than what the company expects to receive.
Companies like ourselves can offer advice and experience to assist in the understanding of compliance requirements but ultimately the banking or financial services firm must make their own interpretation of their compliance position and the rules, based on the market(s) they operate in, who they service and risk.
Due to a growing need for transparency, companies can be asked to prove that they are adhering to legislation at any time and therefore must have the necessary data security tools in place.
There are a number of IT solutions that have been verified after intense scrutiny from the regulatory authorities and that are known to comply with what an organisation would be expected to present to any regulatory body.
These include email archiving and voice recording technologies, as well as full DR solutions to protect a business’s IT infrastructure in the event of floods, fires or theft, for example.
Some of these types of records have been used in the Leveson Enquiry for example and the Libor scandal, in which Barclays was fined £290m in June 2012 after some of its derivatives traders were found to have attempted to rig the London inter-bank lending rate, which is considered to be one of the most crucial interest rates in finance.
In such cases, banks are expected to be able to produce communications in support of both their version of events and to defend against allegations.
From a DR perspective, many companies gain commissions on trading on markets, or need to make decisions on market changes. Being off-line means they cannot earn commissions or react to change and revenues can be affected. As such, they have very tight Recovery Time Objectives (RTOs).
It is fundamental that all businesses, ranging from small and medium-sized enterprises (SMEs) to multinational corporations (MNCs), implement a comprehensive data back-up system to reduce the risk of data loss.
The agility of “Cloud Storage”, in which data is stored in virtualised pools, is growing in popularity due to its many benefits. These include eliminating the need for physical storage space and reducing energy consumption, which in turn lead to cost savings. Hosting providers operate large data centres and companies that require data hosting buy or lease storage capacity from them. This also adds flexibility as storage space can be easily scaled up or down depending on the requirements of the organisation.
Cloud back-up solutions are highly secure, incorporating bespoke encryptions and security practices such as enterprise-grade firewalls. As an example, Onyx Group’s Cloud Backup provides military-grade encrypted online duplication of source data into secure storage vaults at ISO27001 accredited data centres. This data is then replicated between geographically diverse facilities for added resilience. Peace of mind is provided as 24/7 high-specification security systems and personal monitoring are in place at each data centre.
It is also important to consider authorisation rights and assess who in a company should be able to access specific data. Usage rights can be determined with passwords that give access to different areas of the IT system depending on job role.
The safeguarding of data in the banking and financial services sectors is crucial due to the confidential nature of information. Using cloud solutions to backup and store data gives companies the flexibility to choose between backing up data every second, hour, day or week, helping organisations to comply with stringent regulations.
Multiple data centres provide peace of mind so, if data is lost, it is backed up elsewhere, enabling business continuity. Workplace recovery centres are also in operation, meaning office space is provided to companies in the event that their workplace is inaccessible. Data can then be accessed from the relevant data centre, restoring business operation with minimal or no downtime.
2. AICPA (American Institute of Certified Public Accountants) SAS 70 (Statement on Auditing Standard 70)
3. Sarbanes-Oxley Act of 2002, http://www.soxlaw.com/
4. Leveson Enquiry, http://www.levesoninquiry.org.uk/
5. Libor scandal, http://www.bbc.co.uk/news/business-18671255
Take Five: Davos goes virtual
It is the end of January, so time for the Davos World Economic Forum (WEF), and Chinese President Xi Jinping, German Chancellor Angela Merkel, Japanese Prime Minister Yoshihide Suga and European Central Bank chief Christine Lagarde are among this year’s big-name speakers.
But Davos was not spared the pandemic hit; instead of gathering at the Swiss ski resort, the world’s great and good will do so virtually.
With the global economy deep in crisis, there is no shortage of topics: soaring unemployment and debt levels, growing income inequality and climate change.
And, like everyone else, the WEF is pinning hopes on normality returning – it plans a face-to-face meeting in Singapore in May.
Outpaced by a late-2020 surge in so-called value stocks, tech shares have roared back amid the pandemic’s unrelenting march. That is reflected in recent hefty gains for Russell’s 1000 “growth” index versus its value counterpart.
The gains could extend when Apple, Microsoft and Facebook report earnings. Also on deck is Tesla, which recently joined the S&P 500.
The results could push the combined market capitalisation of the FAANGs – Facebook, Amazon, AAPL Netflix and Google-parent Alphabet – back above their all-time peak of $6.16 trillion.
Netflix has done its part; robust subscription numbers reported on Jan. 19 have boosted its shares 17%. Now there are high expectations for the rest. Morgan Stanley has boosted the price target for Apple, declaring themselves “buyers ahead of what we expect to be a record December quarter print”. Microsoft reports on Jan. 26, followed by Apple, Facebook and Tesla a day later.
Graphic: The return of the FAANGs – https://fingfx.thomsonreuters.com/gfx/mkt/oakpeyelnpr/Pasted%20image%201611266376120.png
3/RED ENVELOPE FOR HONG KONG
Record amounts of Chinese money are flowing into Hong Kong stocks, pushing the Hang Seng index above the 30,000 mark, making it a global top performer and putting a floor under Chinese companies blacklisted by Washington.
The inflows have also pushed Hong Kong interbank rates to multi-year lows, meaning authorities may not even need to inject cash, as they usually do in the run-up to February’s Lunar New Year holiday.
An upcoming $5 billion IPO from Chinese online video company Kuaishou may draw in even more mainland money.
For a city rocked by pro-democracy unrest since 2019, this endorsement of its markets is a positive. Unless, that is, one views this as another sign of China’s growing political and financial stranglehold on the special administrative region.
Graphic: Mainland investors hunt for bargains in Hong Kong – https://fingfx.thomsonreuters.com/gfx/buzz/xlbvgylqevq/mainland%20investors%20hunt%20for%20bargains%20in%20Hong%20Kong.jpg
4/DRIVING OUT EUROPE INC BLUES
Europe’s STOXX 600 firms are expected to report a 26% earnings drop during the Q4 season which has just got under way. But that is history – let’s look instead at the January-March 2021 season when a 44% profit jump is predicted.
Such a surge seems intriguing given new continent-wide lockdowns. The explanation lies in consumer cyclicals, which Refinitiv I/B/E/S predicts will post an eye-popping 3,118% profit gain, versus the pandemic doldrums of Q1 2020.
Drilling down to single stocks, Daimler (1,471%), Fiat Chrysler, now Stellantis (177%) and Volkswagen (602%) turn out to be the largest contributors. Carmakers have seen their biggest earnings revisions in a decade and boosting shares to 14-month highs.
Graphic: Autos – https://fingfx.thomsonreuters.com/gfx/mkt/qzjvqmnwxvx/Autos%20hold%20key.JPG
The coming week brings prelimary Q4 GDP data from France, Spain and Germany. Okay, the data is outdated and we already know the first quarter will show an activity dip from lockdown extensions. But let’s not be too hasty in dismissing the end-2020 numbers.
If the economies fared better than expected, it provides a cushion for the blow coming this quarter – that is the conclusion some reached after 2020 growth in powerhouse Germany turned out less bad than feared.
Also pay attention to Germany’s January inflation numbers, out Thursday. Those could show that a reversal in VAT cuts is easing the downward pressure on prices. In short, amid the pain inflicted by lockdowns, some positives might well lurk.
Graphic: Germany’s GDP data set for a bumpy ride – https://fingfx.thomsonreuters.com/gfx/mkt/xlbvgyjmmvq/theme2201DR.PNG
(Reporting by Ira Iosebashvili in New York; Vidya Ranganathan in Singapore; Karin Strohecker and Dhara Ranasinghe in London; Danilo Masoni in Milan; compiled by Sujata Rao)
Hisham Itani and Resource Group Recognized in the 2020 Global Banking & Finance Awards®
Global Banking & Finance Review has awarded Hisham Itani the Chairman and CEO of Resource Group, Technology CEO of the Year Middle East 2020 in recognition of his vision, strategy and strong leadership that have contributed greatly to Resource Group’s success in winning the Most Innovative Holding Group Middle East 2020 in this Global Banking & Finance Awards®.
Resource Group is an investment group with a portfolio of diversified businesses that capitalizes on technology and human talent for value creation. The company has proven that it has gone the extra mile to develop innovative solutions aimed at improving people’s lives and helping Lebanon transition toward a knowledge-based economy. Global Banking and Financial Review, the renowned online and print magazine identified a number of areas that Resource Group has excelled. The company has been awarded Most Innovative Holding Group Middle East 2020, and Hisham Itani the Chairman and CEO, receives the award for Technology CEO of the Year Middle East 2020. Under his leadership, Resource Group has grown from a family security-printing business to a diversified international investment group, with a portfolio of companies across 10 sectors in over 75 countries.
Wanda Rich, editor Global Banking & Finance, said “Mr. Itani took the security printing business to another level and expanded into different technology verticals in an impressive list of success stories”. The list includes digital security, smartcard manufacturing, mobile value added solutions, cyber security and secure communication solutions, telecom infrastructure and managed services, elections supply chain services, lottery systems and operations, mobile and virtual reality games, among others.
Resource Group’s focus on technology has had a constructive and tangible impact on government automation and on citizen experience in target markets.
Editor Wanda Rich says “We are proud to offer Resource Group these prestigious awards and wish them continued success and growth into 2021 during these challenging economic times”.
Global Banking and Finance Review is a renowned online and print magazine. The magazine’s website alone receives over 7 million page views annually. Global Banking and Finance Review provides a balanced view with formative and independent news from the financial community. The Global Banking & Finance Awards® were created to recognize companies of all sizes that are prominent in particular areas of expertise and excellence within the global financial community. The awards are known throughout the global banking and financial community. They reflect the innovation, achievement, strategy, progressive and inspirational changes taking place within the financial sector.
Bouncing back in 2021: Digital Transformation is no longer a choice as dependence on 5G, IoT and Data increases in society and business
By Ivan Ericsson, Head of Quality Management, Expleo Group Limited
The global pandemic has put enormous strain on businesses and brought into sharp focus the importance of being agile, adaptable and able to increase the pace of innovation and change at short notice – catapulting technology right to the top of the agenda for many organisations.
As the economy works to get back on its feet, technology is only going to play a bigger role in our lives. At Expleo, as experts in digital transformation and the reliable implementation of technological innovations, we’ve outlined the biggest tech-driven trends that we expect to see in 2021 and beyond.
1) “Digital transformation” no longer a choice
If the COVID-19 pandemic has taught businesses anything, it’s that they need to be poised to respond to abrupt market disruption at any moment, making digital transformation mandatory overnight.
With no room for delay, hugely complex corporations – that have historically been slow to adopt technology – have had to accelerate their reliance on technology just to keep afloat in recent months. Digital change, at speed, has become the norm.
Even last year, the idea of an unscheduled video conference call might put people on edge – now most of us wouldn’t think twice about calling a colleague over Teams or Zoom even for a 2-minute conversation. At the same time, social infrastructure has moved with the needs of its users, with telecoms giants strengthening and opening up networks so we can keep communicating despite social distancing.
There are now very few excuses left for operating in a non-digital way. All businesses need to be intelligent businesses that can change direction nimbly, with speed, confidence and composure. As we see more businesses putting this into practice, it’ll likely result in an increased number embracing and normalising some of the behaviours of tech-savvy giants like Apple and Amazon, who have no doubt thrived during this period.
Their success can largely be attributed to normalising an agile approach. By ensuring all applications have testing facilities built in – a “quality shadow” if you will – it allows for continuous improvements, and the ability to change direction quickly and confidently, when needed. This is particularly valuable today as the world becomes more fast-paced and increasingly unpredictable.
2) Big data/AI/predictive analytics
We’re moving into a space where big data can be extracted from the most seemingly innocuous places. In a hyper-connected world, a move as simple as a dog walk could offer huge swathes of data to the right companies. Many businesses already realise the benefits of capturing and utilising big data, but not all have taken advantage of it. The businesses that move quickest are most likely to reap the rewards in a more impactful way than their ‘data shy’ competitors. Where data used to be a side effect of business operation, it is now the driving force.
As businesses begin to rely more heavily on data to make critical decisions, independent assurance becomes increasingly important to get those decisions right. Forward-thinking, data-driven organisations must therefore assure that the data is correct in the first place, to avoid giving businesses false confidence and risk them moving in the wrong direction – something that is rarely affordable in today’s competitive and fast-paced environment. If businesses are not 100% confident in assuring the quality and accuracy of their own data, they should look to a third party for support.
A key data trend we expect to see moving further into 2021 is the increased use of predictive analytics. At the moment, businesses will often use data analytics to give us insights into our past activities, or to tell us where we are right now. However, the real value lies in knowing where we are going and how we are going to get there. Data analytics will help to identify the optional levels that can be pulled to drive change and realise business benefit.
Secondly, as intuitive technology advances and becomes more accessible, we expect over the next 12 months to see companies of all sizes begin to adopt artificial intelligence (AI) to drive intelligent analytics. In this context, AI refers to various technologies that allow machines to learn, sifting through ‘messy’ big data in order to find and unlock valuable predictive insights into future events. This allows businesses to better adapt their strategy to likely future outcomes and get a head start in the market.
However, with this ever-increasing emphasis on data and data protection, ethical AI will have a more prominent role to play in 2021 and beyond. Protected, usable Data is a by-product of good data security and privacy measures; however, the public remain wary of how their data is being used, particularly after the fallout from Cambridge Analytica’s use of data to influence an election. Businesses, therefore, must give their customers confidence that their data is secure and protected.
3) Moral relevance/corporate altruism
Research shows that young people are increasingly researching and considering the ethics of brands they’re purchasing from. And it won’t be long before this attitude starts seeping into every other aspect of their lives, with more and more people wanting to work for what they consider to be “purpose-driven” businesses.
Talent is the lifeblood of any company, so for big corporations, many of whom were born to create profit, this could put them in a tricky position. They might already be influencing society in a positive way – but this is unlikely to have ever been their main goal.
Moving forward, however, all organisations will have to start thinking about the “Triple Bottom Line”. That means considering the environmental and social impact of your business, alongside your commercial imperative.
We’ll soon see a mindset switch across businesses, from ‘competing’ to ‘advancing’. Instead of wanting to be the “best,” the question will be, how can I better serve the world around me?
In line with this, businesses will have to start thinking more about how to use tech for good, as we’ve seen with the likes of Microsoft Teams connecting tens of millions of people every day, during this very dark time.
2021 is likely to bring even more inroads when it comes to using technology to improve society, whether it’s developing bespoke problem-solving technologies or using IT to ‘eco-proof’ existing sectors, the goal for businesses is to rise to this challenge and build a better future for people and the planet through the use of technology. But all organisations will continue to need to be able to justify technology use and prove that they’re using it ethically, and in a secure manner.
4) 5G new networks – just about all big trends are driven by/reliant upon faster networks – particularly relevant for a more distributed workforce
Greater access and utilisation of 5G networks across the country will underpin and accelerate all of the key trends discussed. Everything we do on our smart devices we can expect to do at higher speed, greater capacity and with lower lag times.
As our digital footprints extend beyond simple web browsing and into our daily lives through smart technology, we are creating huge amounts of data every minute. This vast flow of data is increasingly dependent on new high bandwidth networks to facilitate it. Therefore, the merging of technology and engineering will become critical in ensuring big data is carried successfully to drive analytics and drive business.
The fact we have managed to successfully work from home during COVID is a glowing recommendation for the quality of the networks as they exist today, and they will only get better.
The telecoms industry is already working overtime to ensure that people all over the country get reliable access to the internet – and the fact that there is still inequality in this area proves just how challenging this is. But, in line with this trend toward hyper automation, which will make data extraction and analysis a part of everyday life for businesses, the consolidation of tech and engineering will be ever more important.
Forward-thinking companies will look to incorporate 5G networks into their business strategy. This could be from an internal perspective to enhance the abilities of their remote workforce. Alternatively, this could relate to their own products or offerings – developing an internet of things (IoT) strategy, improve user experience, or bring products to market faster by analysing big data and adapting quicker. Either way, with increasingly improved networks, businesses are expected to take advantage of the huge increase in accessible and usable data.
For businesses to truly reap the benefits of these new technologies, they must be developed and adopted in the right way.
Quality assurance, trust and security are three key requirements that the technology of the future depends on to succeed. Having these requirements at the heart of any digital transformation will ensure that systems perform reliably, having been tested and assured.
By prioritising a seamless customer experience combined with an ability to create, test, and scale digital solutions and operationalise at pace, businesses will be in the best possible position to take advantage of the potential being unlocked by these new technologies.
JPMorgan to launch UK consumer bank within months
LONDON (Reuters) – JPMorgan Chase & Co will launch a digital consumer bank in Britain under its Chase brand within...
European regulator clears Boeing 737 MAX airliner for return to service
(Reuters) – Boeing Co’s modified 737 MAX airliner is safe to return to service in Europe, the European Union Aviation...
Wall Street expects near-record iPhone sales despite delay, shut Apple stores
By Stephen Nellis (Reuters) – During the last three months of 2020, Apple Inc delivered its flagship iPhone 12 model...
ECB comments suppress euro, dollar perks up ahead of Fed
By Ritvik Carvalho LONDON (Reuters) – The euro fell on Wednesday, under pressure after a European Central Bank official said...
Business jet prices seen as stabilizing in 2021 after year-end order blitz
By Allison Lampert and Ankit Ajmera (Reuters) – Preowned business jet prices are seen stabilizing in 2021, boosted by a...
Sterling gets vaccine boost to hit 8-month high vs euro
By Joice Alves (Reuters) – Sterling rose to a fresh eight-month high against the euro on Wednesday as Britain’s faster...
GameStop stock doubles again with no let-up in amateur interest
(Reuters) – Shares of videogame retailer GameStop Corp surged another 130% on Wednesday in pre-market trading as amateur investors continued...
Britain may raise contactless ceiling after pandemic payment surge
By Huw Jones LONDON (Reuters) – Britain will look into raising the limit on contactless payments from 45 pounds to...
Britain may raise contactless ceiling after pandemic payment surge
By Huw Jones LONDON (Reuters) – Britain will look into raising the limit on contactless payments from 45 pounds to...
Auto recovery fuels optimism for Europe’s earnings season
LONDON (Reuters) – Expectations for European companies’ profits in the last quarter of 2020 are improving as the reporting season...