FinTech Regulations

Digital transformation requires the ability to disrupt markets quickly and maintain a dominant position. In the rush to scale, security and governance lag behind. We bridge the gap by implementing security and data governance procedures.




Being a disruptive technology, FinTech doesn't have to meet the same regulatory requirements as incumbent banks and other traditional financial institutions, but it still must comply with regulations such as GDPR, PSD2 and PCI-DSS if it is a card issuer. This can give FinTech companies a huge financial advantage over traditional banks, which typically spend 20% of run-the-bank costs and 40% of change-the-bank costs on governance, regulation and compliance (GRC). However, it can also lead to complacency when implementing security and data privacy regulations.

Financial institutions have to be digitally driven if they are to survive and prosper. Because of advances in technology and the new digital workplace, traditional banks and FinTech companies are taking on more coders as new recruits than people with financial backgrounds. However, because of these same advances in technology and, in particular, digital product development, organisations are in danger of having compliance and regulation interpreted and implemented by DevOps teams. Law professor Kenneth Bamberger talks about the risk of an “automation bias”, where decision making in implementing compliance procedures is skewed towards what is functionally possible for a programmer as opposed to what is demanded by law. What is required are independent GRC specialists who understand technology. And can code.

From dashboard to reporting – we implement data and security governance procedures and oversee regulatory reporting. Where possible, we automate the procedure; however, our initial focus is on policy generation and procedure implementation throughout the organisation.

Regulations such as PSD2 and GDPR are already in force. We help companies quickly come up to speed with compliance.

