There’s a lot happening in relation to regulatory compliance, which is why it’s vital that your business knows about this ever-changing landscape |8 Ways Media

Regulatory Compliance: Security Measures your Finance Business can Implement

There’s a lot happening in relation to regulatory compliance, which is why it’s vital that your business knows about this ever-changing landscape.


Ramzi Chamat / 8 Ways Media
2019-05-15 11:09:00

anatomy - biology - close up of an eye

With the rapid adoption of technology to support business activities, regulatory compliance will continue to evolve and strengthen through the issuance of new requirements and onsite examinations.

Emerging regulatory focus

Customer data protection

In recent years, we have experienced a huge advancement in data loss protection (DLP) technologies, as well as a number of recent high-profile customer data leakage incidents. As such, many global regulatory bodies reinforced their requirements regarding the handling of customer data through updated Customer Data Protection legislations. Many of these legislations introduced a number of updated data protection requirements to ensure adequate data protection.


In the past, bank employees were unable to use their own personal computing equipment, such as smartphones or personal computers/laptops, to access or store the bank’s emails and customer data. In many countries across the globe, this requirement has been relaxed. This means that employees can now use their own computer equipment for work purposes, provided there are appropriate controls in place which comply with the stipulated regulatory requirements.

Cloud computing security

A number of banks have recently migrated their non-critical IT functions to the cloud, thanks to recent changes in regulatory stance regarding banks’ adoption of cloud computing. However, regulators must closely monitor the adoption of cloud services by banks and financial institutions in order to avoid security breaches. Security requirements must be fine-tuned when it comes to the use of cloud technology, electronic banking and cybersecurity.


Operational and IT controls over rogue trading

A number of high-profile rogue trading incidents have occurred in recent years, leading to significant losses for a number of banks. Such incidents revealed loopholes in risk management governance and technology infrastructures, as well as deficiencies in trading surveillance. As a result, both the SFC and HKMA have increased efforts to ensure that banks strengthen their controls over electronic trading, with a particular focus on rogue trading. We expect the HKMA and SFC to continue reinforcing the relevant control requirements through their regular supervision activities (e.g. on-site examinations).

Electronic banking and cybersecurity

Recently, we have witnessed a shocking increase in cybersecurity threats and new technologies being adopted for electronic banking. In light of increasingly sophisticated cyberattack techniques, as well as newly adopted banking channels (such as mobile banking) it can be expected that regulators will refresh their e-banking guidelines to remain afloat of these industry changes. Financial institutions should consider adopting best practices when it comes to e-banking and cybersecurity, in order to protect their infrastructure and stay up-to-date with upcoming regulatory changes.

How to Prepare yourself for future regulatory compliance

Understand the emerging requirements

Look for any gaps within your organization

Have a plan of action to respond

Are you concerned about regulatory compliance requirements?

If so, contact 8 Ways Media today to discuss your options.

Interested to meet digital professionals?

Let’s discuss your project and try to find the best solution for your needs.