Insight Search Search Submit Sort by: Relevance Date Search Sort by RelevanceDate Order AscDesc Insights paper October 8, 2024 Best Practices for Building a Sustainable PCI DSS Compliance Programme Creating and maintaining a sustainable PCI DSS compliance programme is a crucial and complex task for organisations to protect payment card transactions and uphold consumer trust. However, despite the PCI DSS standard being around for almost 20 years, many organisations still struggle to achieve and validate compliance with it.In April 2016, the PCI Security Standards Council (SSC) introduced the… In Focus October 17, 2024 The DoD unveils the Cybersecurity Maturity Model Certification Programme: A primer for defense contractors As cybersecurity threats evolve, the U.S. Department of Defense (DoD) has introduced a long-awaited pivotal framework aimed at bolstering the security of its national defense supply chain: The Cybersecurity Maturity Model Certification (CMMC) Programme. The new rule, published Oct. 15, marks a significant step towards enhancing cybersecurity across the Defense Industrial Base (DIB). Newsletter December 19, 2024 Compliance Insights As we enter the new year, the financial services industry once again faces compliance risks that are increasingly diverse and complex. For 2025 we asked a larger-than-usual group of Protiviti colleagues across the globe to help identify the most pressing compliance issues in their market. Artificial intelligence, financial crime, privacy and security, operational resilience, third party risk… Whitepaper October 22, 2020 How Firms Can Tackle Technology Risk Blind Spots to Build Resilience Contrary to popular belief, criminals — insiders or outsiders — are not the most common cause of major operational failures. Technology is the biggest culprit. The rapid adoption of artificial intelligence (AI), blockchain, robotic process automation (RPA), cloud computing and other technologies continues to transform finance. It has created a mix of technological risks that frequently disrupt… Whitepaper May 28, 2024 DORA Compliance: Untangling Key Hurdles to Implementation The Digital Operational Resilience Act (DORA), or more formally known as Regulation (EU) 2022/2554, took effect on 16 January 2023, with final industry compliance required by 17 January 2025. The regulation underscores the importance of digital operational resilience in today’s increasingly interconnected and digitized landscape and seeks to expand the reach of European regulators incorporating… Blogs July 14, 2023 Top Takeaways from the EBA’s Report on the ML/TF Risks of Payment Institutions The European Banking Authority (EBA) recently released a report on its 2022 review of the money laundering/terrorist financing (ML/TF) risks of European payment institutions (PIs). There are nearly 900 authorised PIs in the EU which are subject to Directive (EU) 2015/849 (‘AMLD’) for anti-money laundering and terrorist financing (AML/CFT) purposes. While many of the EBA’s findings are… Whitepaper September 16, 2020 The Road to Resiliency – Building a Robust Audit Plan for Operational Resilience Executive Summary The financial services industry has long relied on internal audit functions to assess and challenge the effectiveness of various programmes designed to protect and build organisational value. These programmes have included disaster recovery, business continuity, risk management, cybersecurity, and many others designed to help institutions recover from an event. The pressure… Whitepaper September 21, 2020 Driving Operational Resilience From the C-Suite The actions and decisions of C-suite leaders are typically driven by strategies designed to guide businesses toward growth and success. These plans invariably contain many assumptions. One is the expectation that their organisations will be able to deliver goods and services to customers even under stressful conditions – an expectation of resilience that is sometimes ill-conceived and… Whitepaper September 20, 2020 Early Signs of Regulatory Alignment on Operational Resilience Concepts, Themes In early August 2020, the Basel Committee on Banking Supervision (BCBS) released a consultative document, titled “Principles for Operational Resilience,” that proposed a pragmatic yet flexible approach to operational resilience, one intended to be principles-based. Publication of the consultative document was expected and timely, coming amid a growing regulatory focus on operational risks and the… Whitepaper October 18, 2021 Internal Audit, Risk, Business & Technology Consulting 2022 Regulatory Hot Topics: Considerations for Internal Audit Expectations are that the financial services industry will experience a more challenging regulatory environment under the Biden administration than under the former administration[1]. Those who have been tapped to lead the various regulatory agencies – and even those thought to be in contention for key agency roles – have signaled their supervisory priorities, many of which align with key… Load More
