Enhancing Financial Services Security with Contract Technology

Enhancing Financial Services Security with Contract Technology

The rapid rise of digitization, fueled by remote transactions, poses new risks to the financial services industry. This makes security a higher priority than ever before.

The drivers of the rapid growth of digitization include the increasing use of mobile devices by consumers for digital transactions, the rise of remote and hybrid working, and open banking (exchanging data with third-party providers via APIs). ), including the growing popularity of

According to Arigent/American Banker’s 2022 State of Cybersecurity report, the same factors that are forcing financial institutions to rapidly modernize their systems and processes are also increasing their cybersecurity risk profile. Combined with the unique challenges of the pandemic and recent geopolitical turmoil such as the Ukraine crisis, it’s easy to understand why the awareness of cyber vulnerabilities has grown in recent years.

Think three-quarters of banks and insurers have seen a surge in cybercrime since the pandemic began. The consumer reports he lost more than $5.8 billion to fraud in 2021, up more than 70% from the previous year. Geopolitical turmoil is also prompting more bold actions by bad actors, including a notable increase in Russian cyberattacks against U.S. banks.

Regulators Take Attention

Regulators have expressed concern about the rising cybersecurity threats and are taking more proactive action in the form of new proposals and guidelines related to cyber incident reporting and information security programs.

For example, in May 2021, the Biden administration issued an executive order prioritizing improving the nation’s cybersecurity, with an emphasis on public-private partnerships. The order called for “bold changes and significant investments in order to defend the vital institutions that underpin the American way of life.”

Fast-forward to March 2022 when Congress passed, as part of the Consolidated Appropriations Act, a requirement that critical infrastructure operators must alert the Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours of a hack and within 24 hours of paying a ransomware demand.

That same month, the Securities and Exchange Commission (SEC) issued a proposal to amend its rules on cybersecurity risk management and disclosure rules for publicly traded companies.

In addition, agencies like the Federal Financial Institutions Examination Council (FFIEC) and the Federal Trade Commission (FTC) have published a commentary on how bank and non-bank financial institutions can improve their information security and risk management practices. Their recommendations include periodic assessments of how institutions manage authentication, verification and access controls of internal and external users, as well as activity tracking to help detect unauthorized activity and potential threats.

These are just a few recent examples of how U.S. regulatory and legislative bodies have been urging all institutions managing critical infrastructure—particularly financial services institutions—to place greater emphasis on cybersecurity.

They illustrate the evolving nature of cybersecurity and the broad range of standards and regulations (mandatory and optional) that financial institutions must adhere to as they create a secure and compliant environment.

To mitigate security risks, financial institutions must continuously improve their security posture and invest in enhanced authentication, access controls, and proactive risk management.

4 Ways DocuSign Secures the Contract Process

Fortunately, as financial institutions expand their digital business, DocuSign is well-equipped to protect sensitive information stored or retrieved during the contract process. increase. DocuSign offers four ways for financial institutions to secure contractual processes through a variety of standards and technologies. Type 2 Audit Notably, DocuSign is one of the few companies to comply with binding corporate rules approved as data by the European Union’s Data Protection Authority.

Leave a Reply

Your email address will not be published. Required fields are marked *