Showing only posts tagged Financial Services. Show all posts.

Preparing for take-off: Regulatory perspectives on generative AI adoption within Australian financial services

Source

The Australian financial services regulator, the Australian Prudential Regulation Authority (APRA), has provided its most substantial guidance on generative AI to date in Member Therese McCarthy Hockey’s remarks to the AFIA Risk Summit 2024. The guidance gives a green light for banks, insurance companies, and superannuation funds to …

Introducing the APRA CPS 230 AWS Workbook for Australian financial services customers

Source

The Australian Prudential Regulation Authority (APRA) has established the CPS 230 Operational Risk Management standard to verify that regulated entities are resilient to operational risks and disruptions. CPS 230 requires regulated financial entities to effectively manage their operational risks, maintain critical operations during disruptions, and manage the risks associated …

Automatically replicate your card payment keys across AWS Regions

Source

In this blog post, I dive into a cross-Region replication (CRR) solution for card payment keys, with a specific focus on the powerful capabilities of AWS Payment Cryptography, showing how your card payment keys can be securely transported and stored. In today’s digital landscape, where online transactions have …

Encryption in transit over external networks: AWS guidance for NYDFS and beyond

Source

On November 1, 2023, the New York State Department of Financial Services (NYDFS) issued its Second Amendment (the Amendment) to its Cybersecurity Requirements for Financial Services Companies adopted in 2017, published within Section 500 of 23 NYCRR 500 (the Cybersecurity Requirements; the Cybersecurity Requirements as amended by the Amendment …

New AWS whitepaper: AWS User Guide for Federally Regulated Financial Institutions in Canada

Source

Amazon Web Services (AWS) has released a new whitepaper to help financial services customers in Canada accelerate their use of the AWS Cloud. The new AWS User Guide for Federally Regulated Financial Institutions in Canada helps AWS customers navigate the regulatory expectations of the Office of the Superintendent of …

AWS Payment Cryptography is PCI PIN and P2PE certified

Source

Amazon Web Services (AWS) is pleased to announce that AWS Payment Cryptography is certified for Payment Card Industry Personal Identification Number (PCI PIN) version 3.1 and as a PCI Point-to-Point Encryption (P2PE) version 3.1 Decryption Component. With Payment Cryptography, your payment processing applications can use payment hardware …

Prepare your AWS workloads for the “Operational risks and resilience – banks” FINMA Circular

Source

In December 2022, FINMA, the Swiss Financial Market Supervisory Authority, announced a fully revised circular called Operational risks and resilience – banks that will take effect on January 1, 2024. The circular will replace the Swiss Bankers Association’s Recommendations for Business Continuity Management (BCM), which is currently recognized as …

Helping U.S.-based financial services firms manage third-party due diligence requirements when using Google Cloud

Source

Financial services institutions increasingly rely on external service providers for a variety of technology-related services, including cloud computing. This trend materialized as firms recognized the value in focusing on their core competencies while using third party solutions to gain business, operational, security, resiliency, and other efficiencies. As the financial …

Google Cloud and FS-ISAC team up to advance financial services security

Source

Google Cloud is committed to strengthening the security and resiliency of financial services organizations and making the Internet a safer place for all organizations to conduct transactions and business. While building a secure and resilient ecosystem is a joint responsibility, we want to ensure that we’re working together …

[Infographic] Navigating secure digital transformation in financial services

Source

Adopting cloud computing technologies and services presents financial services institutions with opportunities to address many forms of security risks in new, innovative, and more effective ways. However, firms often lack the tools required to map out their digital transformation journey in the context of security and risk governance. That …

CISO Survival Guide: Vital questions to help guide transformation success

Source

Part of being a security leader whose organization is taking on a digital transformation is preparing for hard questions – and complex answers – on how to implement a transformation strategy. In our previous CISO Survival Guide blog, we discussed how financial services organizations can more securely move to the cloud …

2022 FINMA ISAE 3000 Type II attestation report now available with 154 services in scope

Source

Amazon Web Services (AWS) is pleased to announce the third issuance of the Swiss Financial Market Supervisory Authority (FINMA) International Standard on Assurance Engagements (ISAE) 3000 Type II attestation report. The scope of the report covers a total of 154 services and 24 global AWS Regions. The latest FINMA …

CISO Survival Guide: How financial services organizations can more securely move to the cloud

Source

It’s not just children and adults who face excitement and nervousness on the first day of school. The first day in the cloud can be daunting for financial services organizations, too. Chief Information Security Officers must lead the cloud security component of their organization’s digital transformation, a …

Introducing reCAPTCHA Enterprise’s Mobile SDK to help protect iOS, Android apps

Source

reCAPTCHA Enterprise is Google’s online fraud detection service that leverages more than a decade of experience defending the internet. reCAPTCHA Enterprise can be used to prevent fraud and attacks perpetrated by scripts, bot software, and humans. When installed inside a mobile app at the point of action, such …

Data governance building blocks on Google Cloud for financial services

Source

Data governance includes people, processes, and technology. Together, these principles enable organizations to validate and manage across dimensions such as: Data management, including data and pipelines lifecycle management and master data management. Data protection, spanning data access management, data masking and encryption, along with audit and compliance. Data discoverability …

A pathway to the cloud: Analysis of the Reserve Bank of New Zealand’s Guidance on Cyber Resilience

Source

The Reserve Bank of New Zealand’s (RBNZ’s) Guidance on Cyber Resilience (referred to as “Guidance” in this post) acknowledges the benefits of RBNZ-regulated financial services companies in New Zealand (NZ) moving to the cloud, as long as this transition is managed prudently—in other words, as long …

OSPAR 2022 report now available with 142 services in scope

Source

We’re excited to announce the completion of our annual Outsourced Service Provider’s Audit Report (OSPAR) audit cycle on July 1, 2022. The 2022 OSPAR certification cycle includes the addition of 15 new services in scope, bringing the total number of services in scope to 142 in the …

New AWS whitepaper: AWS User Guide to Financial Services Regulations and Guidelines in New Zealand

Source

Amazon Web Services (AWS) has released a new whitepaper to help financial services customers in New Zealand accelerate their use of the AWS Cloud. The new AWS User Guide to Financial Services Regulations and Guidelines in New Zealand—along with the existing AWS Workbook for the RBNZ’s Guidance …

Google Cloud’s preparations to address the Digital Operational Resilience Act

Source

European legislators came to an inter-institutional agreement on the Digital Operational Resilience Act (DORA) in May 2022. This is a major milestone in the adoption of new rules designed to ensure financial entities can withstand, respond to and recover from all types of ICT-related disruptions and threats, including increasingly …

Introducing SWIFT on Google Cloud

Source

It is hard to understand global payments without understanding SWIFT. For over 40 years, SWIFT, Society for Worldwide Interbank Financial Telecommunication, has secured financial messaging for banks, corporates, brokers, and treasuries in over 200 countries. For example, if you have ever requested a funds transfer from your local bank's …

AWS User Guide to Financial Services Regulations and Guidelines in Switzerland and FINMA workbooks publications

Source

AWS is pleased to announce the publication of the AWS User Guide to Financial Services Regulations and Guidelines in Switzerland whitepaper and workbooks. This guide refers to certain rules applicable to financial institutions in Switzerland, including banks, insurance companies, stock exchanges, securities dealers, portfolio managers, trustees and other financial …

Comprehensive Cyber Security Framework for Primary (Urban) Cooperative Banks (UCBs)

Source

We are pleased to announce a new Amazon Web Services (AWS) workbook designed to help India Primary (UCBs) customers align with the Reserve Bank of India (RBI) guidance in Comprehensive Cyber Security Framework for Primary (Urban) Cooperative Banks (UCBs) – A Graded Approach. In addition to RBI’s basic cyber …

2021 FINMA ISAE 3000 Type 2 attestation report for Switzerland now available on AWS Artifact

Source

AWS is pleased to announce the issuance of a second Swiss Financial Market Supervisory Authority (FINMA) ISAE 3000 Type 2 attestation report. The latest report covers the period from October 1, 2020 to September 30, 2021, with a total of 141 AWS services and 23 global AWS Regions included …

New AWS workbook for New Zealand financial services customers

Source

We are pleased to announce a new AWS workbook designed to help New Zealand financial services customers align with the Reserve Bank of New Zealand (RBNZ) Guidance on Cyber Resilience. The RBNZ Guidance on Cyber Resilience sets out the RBNZ expectations for its regulated entities regarding cyber resilience, and …

Disaster recovery compliance in the cloud, part 2: A structured approach

Source

Compliance in the cloud is fraught with myths and misconceptions. This is particularly true when it comes to something as broad as disaster recovery (DR) compliance where the requirements are rarely prescriptive and often based on legacy risk-mitigation techniques that don’t account for the exceptional resilience of modern …

page 1 | older articles »