Mobile devices have transformed the way we live, work and interact with people. Organizations are allowing employees to use smart phones and tablets for official purpose.
Enterprises in Banking, Financial Services and Insurance (BFSI) sectors cater to customer's financial needs and handle assets worth in billions through a highly regulated and security sensitive environment. With proliferation of mobile devices, 33% of financial transactions happen through mobile. Increase in financial mobile transactions necessitate organizations to safeguard and secure mobile data with Regulatory and Audit compliances.
As per online research surveys many enterprises report of financial frauds, customer records compromised or stolen, identity theft and denial of service attacks through cybercrime. This leads to huge financial losses. McAfee, estimates that the likely annual cost to the global economy from cybercrime is more than $400 billion. A conservative estimate would be $375 billion in losses, while the maximum could be as much as $575 billion. Majority of these attacks are committed by insiders who know the system very well.
Enterprise CIOs are grappling with security threats like never before. They are required to maintain internal control mechanisms and information security measures (e.g. securing equipment, unauthorized controls and change passwords) to overcome these. Financial service enterprises are mandated to comply with Regulatory and Audit mechanisms which help maintain and keep track of information (data) security. Companies need to conform to regulatory laws based on the services they offer.
BFSI companies need to comply with Regulations like
- FINRA (Financial Industry Regulatory Authority)
- SEC Regulation S-P (Safeguards Rule)
- Sarbanes-Oxley Act (SOX)
- Payment Card Industry Data Security Standard (PCI DSS)
- Basel III
- Identity Theft and Assumption Deterrence Act of 1998
- Federal Rules of Civil Procedure (FRCP)
- The Dodd-Frank Act
- Markets in Financial Instruments Directive (MiFiD)
- European Banking Authority (EBA) Governance Guidelines
- Financial Stability Board (FSB) Principles
- European Market Infrastructure Regulation (EMIR)
- Foreign Account Tax Compliance Act (FATCA)
- Financial Transaction Tax (FTT) Act
These Regulatory mechanisms vary with countries and enterprises need to comply based on the regions they cater to.
Enterprises have to ensure data is complied with Regulatory and Audit mechanisms. This can be analyzed through the following.
- Identify regulations which are important requirements for the business
- Follow best practices in areas of confidentiality, integrity, availability, auditing & logging and authentication
- Report on compliance, violations and deviations based on business transactions