Scroll Top
Hounslow East, London UK

ICAS Policing and Security

ICAS Policing and Security

Who you deal with

Whilst preview found hundreds of security companies. These are companies that ICAS  find to ride the security band wagon whilst the going is good. Some of these companies are well staffed with good technical people and have great direction. Some of the companies are not and just collect consultancy currency because they are in the right place at the right time. The consensus in the security industry amongst those in the know is that eventually the cream security companies will consolidate into the antivirus vendor type companies and that portion of the security market will become a commodity.

This is the cycle that the security market will undertake and the reason for me mentioning this is because you need to be aware of such things when selecting a security vendor to partner with. Be wary of security companies that have little or no background in the industry. This makes it a lot harder for the Investor but in a competitive market there is no room for problematic organizations.

Security & Compliance

By virtue, security companies are meant to be helping organizations become compliant… sometimes they are the ones breaking the rules. Who guards the guards? Walking around at Compliance, asked the vendors what disk IT product they were using (reason is this is my current focus).  Was amazed to find that even the vendors selling encryption were not encrypting their mobile devices. This was also true for some of the Compliance consultants and Compliance scanning companies. What is going on? Are the preachers guilty of not following their own advice?

Found that many public sector organizations were after IT items. This seemed to be a consistent theme in markets this year. With the multitude of vendors offering so many solutions I am sure the market is fractured and confused. Expect the IT market to become consolidated and commoditized just like antivirus.

ICAS help organizations of all types and size to address security and achieve and maintain compliance, by identifying risk and helping to mitigate against it. ICAS range of services includes everything from software solutions that assist acquiring organizations in managing their entire merchant portfolio, to tailored services for individual organizations that provide pragmatic, affordable security and compliance solutions.

DATA COMPLIANCE OVERVIEW

Lawmakers and regulators around the world are enhancing existing data security compliance requirements, implementing new legal frameworks and defining new data security regulations to respond to increasing internal and external hazards. As requirements for data protection compliance strengthening, the use of point solutions to patch holes in data security compliance requirements becomes increasingly expensive and difficult to support.

The ICAS Data Security Platform provides a common, extensible implementation infrastructure that supports compliance regimes with protection for data-at-rest using encryption, enterprise key management, and access control and security intelligence across enterprises, cloud and big data environments. The result is a simple, efficient data security compliance solution that delivers compliance with low total cost of ownership.

Who Pays for Policing Compliance?

When the Securities and Exchange Commission mandated that mutual funds have “compliance” chiefs, it was trying to protect shareholders from improper behavior taking a bite out of their returns. But at some funds, compliance officers themselves will soon be nibbling away at investors’ nest eggs.

The ICAS board discussed having the adviser absorb the entire cost of the compliance position, but quickly dismissed that option because the rule applies directly to the fund. Making the adviser pick up the tab also “would have cut into profits too much.

The question of how to foot the bill is difficult for mutual funds because of their unusual structure. Funds are owned by shareholders and overseen by boards of directors, which hire advisory firms to manage the money. Funds typically don’t have employees of their own or budgets to pay salaries. Compliance officers will do that

Most shareholders will learn about the fee increases in their funds’ annual reports. “Shareholders could not realize expenses are going up.

Fund companies that start out by absorbing the added cost may be forced to raise fees later. “If they’re paying for it themselves, it could be wiping out a quarter of their profits, a situation that small funds may not be willing or able to sustain.

Your ICAS Compliance Program must include, at a minimum, the following:

First, your business should formally adopt an AML Compliance Program. This Guide can serve as the basis for that program, however, you must check with your local regulations for the specific requirements for adoption of a Compliance Program. form that can be used to certify adoption of such a program.

Second, your business must designate a Compliance Officer. The Compliance Officer may be an employee who has other duties at your business, but it should be someone in a responsible position. The Compliance Officer is responsible for your business’s day-to-day compliance with the AML laws and regulations, and for ensuring the Compliance Program is updated as needed. The Compliance Officer is also responsible for overseeing your business’s ongoing education and training program. When you designate a Compliance Officer, verify that the qualifications of that person meet the local requirements and document it accordingly. You can complete the sample Designation of Compliance Officer form shown and then retain it in your AML compliance files.

Third, your business must adopt policies and procedures for the identification and reporting of Suspicious Activity and High Currency Amount Transaction Reports. You must check with your local regulations for these thresholds and what it considered to be a suspicious transaction as well as the allowable time delays to report such activity. If you’re business plans to impose stricter thresholds than those required by your government, those should be included in your Compliance Program.

Fourth, your business must establish an ongoing employee-training program for all employees who will have any involvement with the activities. The education and training should include instruction on the employees’ responsibilities under the program, as well as the detection of suspicious transactions. One good tool for training is this Guide. All employees should be required