Financial Services

Cloud Computing & Security For Banking & Investment

In the banking and investment industries, improper access and management of IT and data can be a source of major operational risks, which directly translate into financial losses. CloudAccess identity and access management solutions allow fine-grained oversight and control of user management processes to mitigate these risks in cloud environments.

New Regulatory Compliance Requirements

In addition to meeting regulatory compliance such as the Sarbanes-Oxley Act and PCI, the new Basel Capital Accord introduced the notion of operational risk into the evaluation of the minimum capital solvency requirements for banks. Among the risk evaluation methods proposed by the accord, the advanced measurement approaches (AMA), authorize the financial establishment itself to evaluate the operational risks linked to its activity.
To do this, the bank has to set up an operational risk management system and an entity responsible for installing and managing it. The operational risk internal management system relies specifically on the following data:

Correlation of this data produces regular reports, which contribute to evaluating minimum capital solvency requirements.

Better Management, Better ROI

More than a regulatory requirement, the new accord must be seen as an opportunity to significantly improve identity and access management. Such an overhaul can generate considerable return on investment by improving the productivity of users and IT personnel. It can also allow you to easily deploy procedures that are critical in a banking environment, such as “de-provisioning” and role-based management.

 

How CloudAccess Identity and Access Management solution can help:

CloudAccess identity and access management solution can offer significant advantages:

The table below summarizes, in a non-limitative way, the possible roles that CloudAccess identity and access management solution can play in operational risk management. These modules can be deployed in a progressive way.

Risk Types (according to Basel II Accord) Primary sub-category for IAM Identity Management Secure SSO Provisioning
Internal fraud Theft and fraud x x
Unauthorized activity x x
External fraud Theft and fraud x x
Systems security x x x
Clients, products and business practices Conformity, information distribution and fiduciary duty x x
Execution, delivery and process management Input, execution and monitoring of transactions x x
Customer account management x x

    SEE            READ            TRY       

Read more about CloudSIEM