<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=378468&amp;fmt=gif">

Our experts partner with compliance teams around the world to provide customizable, user-friendly software solutions designed to simplify every-day compliance processes while ensuring you meet the strictest regulatory standards.

Our system offers a host of benefits and reassurances for compliance leaders, compliance teams and technology specialists.

Automated conflict of interest detection and mitigation helps your compliance teams work better, faster and more effectively. The rigor of our reporting, surveillance, certification and security systems provides complete peace of mind for Chief Compliance Officers and board members.

Helping you to detect and prevent market abuses that could jeopardize your reputation and regulatory compliance. Actively manage insider lists and investigate employee trading in the context of current market activity and events.

Clear deals faster. Centralize deal data. Reduce your risk. Compliance Control Room lets you organize, manage, and monitor your firm's most important information flows from a single platform.

Whether for work or pleasure, it’s a mobile world. And a mobile workforce calls for mobile solutions. Introducing STAR Mobile. With STAR Mobile, employees pre-clear activity and report transactions on-the-go. Supervisors review escalated requests anywhere there’s a cell connection.

Helping you to actively manage employee trading in the context of market activity and events to guard against insider trading.

Create unlimited projects to easily manage and monitor dynamic lists of employees who have access to insider information.

Compliance Control Room's enterprise-level single platform centralizes all your firm's deal-related activity—letting you manage control room activities more efficiently and effectively.

Increase employee participation. Increase data accuracy. Increase responsiveness. STAR Mobile is a native app that makes compliance simple, easy, and convenient.

New Deadline For New York Data-Security Law

September 1 is the next important date to keep in mind for 23 NYCRR §500

In the works since the big data breaches of 2014, including those of Target and Home Depot, 23 NYCRR §500 was a creation of the New York State Department of Financial Services. It was designed to "promote the protection of customer information as well as the information technology systems of regulated entities."

23 NYCRR §500 officially went into effect March 1, 2017, but had a series of rolling deadlines for when organizations had to meet certain requirements. The next important deadline is September 1, 2018. By then, financial institutions must:

  • Keep an audit trail of all financial transactions.
  • Keep that information for at least five years.

 Further, regulated data:

  • Must be encrypted.
  • Must be erased when it's no longer needed.

Finally, banks must keep an audit trail of "security events" for three years. Right now, banks are only required to keep such information for 30-60 days. A significant change, and a sign of things to come.

New York state of mind
The audit trail and information retention requirements address the concern that, if critical customer information is stolen or destroyed in a cyber attack, it can easily be recovered. The encryption requirements get at the notion that, if data is stolen, it can't be used by the thieves as quickly or as easily. All this for the benefit of the consumer. But these requirements are also beneficial for the affected financial institutions, which might otherwise view themselves as simply having to bear many new and onerous burdens on their businesses. 

Data thefts cost money in the short term, as the company must jump into action, lock down and investigate its operations and practices, and possibly reimburse customers who lose money to resulting fraud. In the long term, a company may lose business due to bad press and the resulting loss of customer trust. All this to say that, given the new reality of how consumer data rights are being perceived and acted upon by governmental organizations, it's better for businesses to think about compliance as not just a way to stay on the right side of regulators but as a way in which to thrive moving forward.

Europe's General Data Protection Rule. California's Consumer Privacy Act. Ongoing talks in the Trump administration about potentially sweeping federal data-privacy regulation. Data regulation is here and more is coming. It's not an exaggeration to say there's been an awakening when it comes to data issues, in the US and abroad. The regulation surrounding this new thinking will only continue to pile up and/or evolve.

For the moment, DFS hasn't finalized how it will penalize financial institutions that don't comply with the new law. That will change. Those financial institutions waiting for the other regulatory shoe to drop, so they can get on with their lives, should accept the fact that the shoes have only just begun to drop.

With clients in more than 80 countries, StarCompliance is a global leader in financial compliance software. Our scalable, easy-to-use solutions provide a 360-degree view of employee and business activity to help firms monitor and reduce risk, meet regulatory obligations, gain efficiencies, and drive employee adoption. To see what Star can do for you, book a FREE demo now.



Recent Posts

Subscribe to Blog