Connect with us

Business

TECHNICAL CHALLENGE OR BUSINESS ENABLER? SEIZING THE OPPORTUNITY OF PCI DSS COMPLIANCE

Arnaud Crouzet, VP Security & Consulting at FIME

 

As data breaches continue to rise globally, protecting the integrity of customer data (especially in the payments world) is vital. One essential security standard helping keep such data secure is PCI DSS – an information security standard for organizations that handle cardholder data. But aligning with the standard can be complex, time consuming and costly. And, as result, many payments stakeholders are becoming complacent about compliance.

In fact, less than 18% of organizations measure their DSS controls across their entire environment more frequently than requirements specify. While doing the bare minimum means that companies avoid receiving hefty non-compliance fines, it doesn’t achieve a great deal more…

Adopting a compliance framework that complements commercial objectives alongside the latest security and privacy requirements is key to truly reap the benefits of PCI DSS. With a new approach, stakeholders can maximize their investment in compliance to achieve greater efficiencies, tap into new revenues and deliver more valuable services to customers. With this in mind, how can the business opportunities of PCI DSS be unlocked?

 

Arnaud Crouzet

Scoping it out

Defining the scope – where organizations outline the infrastructure that falls under the requirements of the standard – is one of the most important phases of PCI DSS compliance. But by using it as an opportunity to scrutinize systems, it can also be a useful tool to streamline operations and ‘reduce the scope’ of compliance.

Consider insuring a house. Without any locks on the doors or windows, premiums will be high. But, by considering all entry points and securing them effectively, the risk can be reduced. Taking this one step further, by permanently blocking an unused entrance, for example, the risk posed to the house can be dramatically reduced – and, in turn, so can the insurance premiums!

Scope reduction with PCI DSS works on the same principles. With the right attitude, companies can significantly reduce the scope of their systems that fall under PCI DSS, reducing the risk, ongoing expense and time of compliance.

 

If it isn’t broken, make it better!

Once your payment infrastructure is in place, it can be difficult to both critically assess your own systems and challenge the different parts of the chain, such as processors and acquirers. It’s very easy to say, “It works, so why touch it?”, but this can be a costly approach longer term.

PCI DSS compliance is the perfect trigger to ask: “Why do we do it this way?”, “Can we be more secure?”, “Can we be more efficient?”, “How can we do better?”. By using the time dedicated to review systems and achieve compliance more constructively, players can spot opportunities to put in place better processes, methodologies and technologies. The resulting systems are not only smoother operationally, but deliver significant cost and time efficiencies long term.

 

Deliver added value

If implemented intelligently, new technologies added to achieve compliance can also supplement the delivery of new value-added services.

Take payment tokenization, for example, used to encrypt end-to-end cardholder data. While significantly reducing the scope of compliance, these tokens can also be used to identify customers across omnichannel retail environments and automate loyalty programs without (or alongside) a separate loyalty card. For brick-and-mortar retailers, this can help bridge the gap between the online and offline world while bringing greater simplicity and flexibility to the consumer.

Loyalty programs are hugely effective in increasing revenues (members on average spend $42.33 more than other shoppers), so tapping into this market helps maximize return on investment.

 

Looking to the future

PCI DSS is currently only applied to transactions routed by the PCI member payment schemes. But, they’re a strong benchmark for the protection of all payment systems and customer data universally.

If already applying PCI DSS for card payments, extending it to cover ‘transactions’ generally – protecting instant payments, credit transfers, P2P payments, International Banking Account Numbers (IBANs) and more – can help safeguard and secure systems for the future.

Following the PCI DSS rules blindly can be costly, complex and, in some cases, impossible. The guidelines need to be applied intelligently, using new methodologies and technologies to do things in new, better ways and, in turn, realize commercial benefits beyond compliance.

All of this can be hard to achieve alone, but with the right approach, businesses can make PCI DSS work for them.

To learn more about where to start on the path to achieving PCI DSS compliance and best practice for enabling a positive digital transformation, read our eBook.

 

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business

IS YOUR OFFICE LEASE CRUSHING YOUR BOTTOM LINE? YOU HAVE OPTIONS

LEASE

By Jonathan Wasserstrum, Founder / CEO, SquareFoot

These are unprecedented times for us all. Nobody has a playbook to get through it. Every company right now is undergoing a series of budget cuts and enduring difficult questions, trying to trim wherever it possibly can to help withstand the profound pressures and unique challenges that the covid scare haqs brought with it from an economic standpoint.

Companies looking to avoid having to make significant layoffs to offset their expenses are having to find other budget items that they can slash or reconsider. For many companies, especially those on the smaller side, that relief may come through renegotiating or rethinking their office lease. Especially at a time like this, when there’s so much uncertainty on how long this pandemic might last, and with staffers working from home indefinitely, this sizable area of cost to the business doesn’t make sense for some businesses to carry.

At SquareFoot, the commercial real estate company I founded in 2011, near the beginning of a decade of positive economic outlook, I envisioned helping growing companies to find office space. And I staffed up with a talented team of in-house brokers to show offices in NYC, and to work on deals in 30 other major U.S. cities.

I raise this background to offer some context for how dire the situation is now with regard to commercial real estate, when it’s not possible to show available office spaces to interested parties. Just a month ago, we were looking ahead at a very promising 2020, on track to act on and to achieve goals we had set. Because of this current economic downturn that has hit us all, we’ve also had to shift priorities accordingly.

Jonathan Wasserstrum

We’ve instructed our brokers – effective immediately – to make themselves available to all concerned business owners as trusted advisers to walk them through their current leases and to outline for them all of their options. Even if they never do a transaction with us, I want my team to step up and provide some expertise to stressed-out executives. This is our small but significant way of helping to prevent other companies from having to let go of key staffers. We want to make this an easy choice for entrepreneurs. But, first, it requires them to understand what options they can move on.

We are already working closely with a number of businesses to review and to summarize their current leases, giving them some clarity and greater comprehension of what is set in stone and what can be adjusted in the wake of this crisis. Among the options that I and the team are exploring on behalf of those who have reached out include:

  • Checking with your insurance agent about your Business Interruption Insurance coverage;
  • Subletting the space. It’s not an optimal time to find a subtenant, but it’s still something worth pursuing to salvage the situation at hand;
  • Post empty desks on PivotDesk, a business unit that SquareFoot owns and operates to rent out (as a host) a small number of desks within an office (to a guest) to share the space;
  • Propose a rent abatement now from the landlord and arrange for a term at a higher escalated rent on the back end; or
  • Walking away. Closing up shop and declaring bankruptcy isn’t anyone’s first option, but handing back the keys and letting the landlord keep your security deposit is a path forward for the most desperate of clients.

Obviously, this is not a situation that anyone hoped to be in or had prepared for. We don’t proclaim to have all of the answers for every company, but we do hope that giving some knowledge and sharing some wisdom with those in the most vulnerable of positions right now would leave them better off than without it. In addition to the specifics of the situation for each individual client, we can also step back and have offered some additional background on what to expect from the real estate market in the coming months.

For instance, we anticipate that subleasing will emerge as increasingly important to fill spaces quickly. Amid the 2008 financial crash, subleases went from 20% of the market to 45% of the real estate market after the stock market market crashed. If that’s the direction we’re heading again – and it seems we might – it’s perhaps wisest for those holding onto long term leases to act quickly.

Once the quarantine is lifted, it’s possible that everyone else will catch up and get wise to this opportunity in the market and they will likely request these types of discounted transactions in a rush all at once; subleases could flood the market, driving costs straight up.

Moreover, if similar effects on the office market emerge soon the way they did during the 2008 financial crisis then there will likely be a sharp increase in the number of tenants looking to:

  • Renew their lease
  • Arrange for a short-term extension of their lease

This is the lowest risk strategy for any tenant, of course. Lease renewals are likely to be incredibly popular in the coming months. We expect that landlords will be working closely and compassionately with tenants at this time to offer existing tenants who are looking for short-term extensions to offer incentives, in the form of free or reduced rents.

As the markets go sideways, you can likely find better value on the space you already have. Whether you work with my team and me, or with someone else, we still advise that you should act quickly. Right now, it’s all about reducing costs to keep people in place. Your office lease is a better place to start the discussion than anywhere else on that long list of expenses.

 

Continue Reading

Business

CAPITAL MARKETS – LIQUIDITY MANAGEMENT DURING COVID-19

COVID-19

Tony Farnfield, Partner at management and technology consultancy, BearingPoint

 

When “Dr. Doom” predicted the 2008 financial crisis back in 2006, and spoke of a necessitated market correction and was calling for the repricing of riskier assets; predicting a continuation of a global financial slowdown, or even a global recession starting in 2020, this prediction was based on known factors affecting the global economy. The unforeseen outbreak of Covid-19 and the increased volatility this has brought to global financial markets was not taken into account.

Three months on from the initial outbreak, and we have already witnessed the biggest intraday drop in the Dow Jones Industrial Average. The outbreak, coupled with the oil price shock, triggered responses from the Federal Reserve, the Bank of England and Central Bank of Canada to cut benchmarks rates in an effort to even out the shock to the wider economies.

There is a high degree of uncertainty on how the coronavirus crisis will unfold. We could experience only a temporary disruption – lasting from a few weeks to a few months, or a prolonged stress in markets, assuming that it will be months until vaccine clinical trials begin and with rate cuts (already reaching bottom) having limited effects on the required stimulus.

Banks have undeniably improved their liquidity following regulatory guidance post financial crisis; however, treasury departments will need to prepare and caveat for a wide range of possible outcomes. Traditional stress testing, scenario development and re-calibration have not taken into account conditions such as the ones experienced with the Covid-19 outbreak or the speed with which things evolved.

At a generic level, there are three key steps Treasurer’s should look to take:

 

  1. Convert uncertainties into emerging and quantifiable risks

This is already being considered by some of the larger financial institutions under their crisis management responses. However, it’s important to highlight that even for those that have triggered the crisis management process, the forecasting, rebalancing and risk assessment should be continuous, taking into account new developments in the following manner:

Continuous forecasting

Continuously monitor and develop scenarios of potential sources that could disrupt funding and liquidity usage. With the right analytical capability, cash-flow projections should adapt to changing scenarios, including scenarios coming from the different business lines. Scenario sources could include unexpected credit usage that could encourage either large prepayments or defaults, or changing corporate customer behaviour – deposit inflows from corporates and depositors affecting leverage-constrained institutions. Also, there should be some consideration given to the availability of funding sources or, for wholesale funding, acceleration or reduction of funding plans.

Continuous re-balancing

Take immediate actions in increasing liquidity and cash holdings in the short term to cover for the uncertainty.

Continuous risk assessment

Account for emerging risks previously not accounted for, such as the temporary closure of operations or reduced capacity of market utilities. Assess those scenarios and how these are captured and factored in stress tests. Intraday liquidity should be the primary focus to understand immediate cash requirements.

 

  1. Refine your liquidity risk measurement

Better identification, measurement and analysis of key liquidity drivers should become core for an institution’s ability to effectively manage and mitigate particularly unique risks not previously considered. To do this, Treasurers should consider the frequency of their monitoring, and increase levels to daily stress tests and daily Early Warning Indicator testing to include daily developments.

In-depth analysis of risks

Re-run your liquidity risk identification exercise to understand better your current exposures, especially examining certain instances of this outbreak crisis, e.g. oil-related exposures, airline, marine or supply chain related exposures etc.

Re-calibrate based on new understanding

Re-assess existing scenarios or add new scenarios in covering a range of events and timeframes (e.g. sustained spread of the virus over x months vs limited spread and containment). Revisit your Early Warning Indicators to monitor emerging risks. At a later point, revisit these to assess if market signals existed and if they were picked up by your indicators.

 

  1. Review your mitigation plan

Identification, assessment and measurement is only part of the overall response. Stresses or risks that can be crystallised need to be accompanied by mitigative actions, agile and feasible enough under the current market conditions. Contingency funding actions might need to be revisited to determine if additional actions need to be considered.

Revisit and verify the availability of near real time reports, such as positions of securities holdings reports. Such information should be readily available and synthesised in the event that you will need to communicate clear and concise plans to investors, regulators or other market participants in relation to liquidity management strategies to foster confidence in the market.

In summary, reviewing and preserving an institution’s liquidity under extreme and volatile circumstances is the core responsibility of any treasurer. However, we know that any scenario or contingency planning is unlikely to be fully predictive of unprecedented scenarios such as this. Re-visiting already set practices and testing their efficacy and completeness should be the first step before considering inserting new scenarios and new actions into the mix. Nothing tried and tested can always remain true.

 

Continue Reading

Magazine

Partner Events

Trending

DIGITAL TRANSFORMATION DIGITAL TRANSFORMATION
Technology1 day ago

HOW TO KEEP DIGITAL TRANSFORMATION ON TRACK AFTER THE PANDEMIC

Ashley Coker, CEO and founder, Slate   Introduction The global coronavirus health emergency has made it abundantly clear how dependent...

DIGITAL BANKING DIGITAL BANKING
Banking1 day ago

THE FUTURE OF CUSTOMER EXPERIENCE IN DIGITAL BANKING

By Richard Billington, Chief Technology Officer, Netcall Over the past five years, the digital banking revolution has had a seismic...

COVID-19 COVID-19
Banking1 day ago

TRANSFORMING BANKING: WHY COVID-19 IS UNFREEZING CONSUMER HABITS

Raj Chakraborty, Senior Managing Director, Publicis Sapient   There is much debate about the impact of COVID-19 on the economy....

LEASE LEASE
Business1 day ago

IS YOUR OFFICE LEASE CRUSHING YOUR BOTTOM LINE? YOU HAVE OPTIONS

By Jonathan Wasserstrum, Founder / CEO, SquareFoot These are unprecedented times for us all. Nobody has a playbook to get...

HOME HOME
Wealth Management1 day ago

THE TRIALS AND TRIBULATIONS OF TRADERS TRADING FROM HOME

Steve Haworth, CEO of TeleWare Group Banks had hoped to keep their London trading floors open amid the worsening coronavirus...

OPEN BANKING OPEN BANKING
Banking1 day ago

HOW WILL REVOLUT’S MOVE INTO OPEN BANKING AFFECT US?

By Richard Mathias, Senior Technology Architect at LiveArea Despite current uncertainty, the financial services sector is experiencing transformative change year...

AUTHENTICATION AUTHENTICATION
Technology1 day ago

IN CONSUMER BIOMETRICS WE TRUST: AUTHENTICATION FOR THE DATA PRIVACY AGE

Jonas Andersson, Head of Standardization at Fingerprints Data privacy is high on the global agenda. In the wake of data...

COVID-19 COVID-19
Business6 days ago

CAPITAL MARKETS – LIQUIDITY MANAGEMENT DURING COVID-19

Tony Farnfield, Partner at management and technology consultancy, BearingPoint   When “Dr. Doom” predicted the 2008 financial crisis back in...

SONY BANK SONY BANK
News6 days ago

SONY BANK SECURES AND ENHANCES MOBILE BANKING WITH ONESPAN’S MOBILE SECURITY SUITE

App shielding, biometric authentication and additional technologies secure and improve the customer experience for Sony Bank’s mobile banking app  ...

MOBILE BANKING MOBILE BANKING
News6 days ago

KOREA’S KB BANK USES TRUSTONIC IN-APP PROTECTION TO ENHANCE MOBILE BANKING EXPERIENCE

Using Trustonic Application Protection enables KB Bank to dramatically improve the authentication experience for users of its mobile banking app...

Customer Customer
News7 days ago

CUSTOMER CARE TODAY WILL BUILD RESILIENCE FOR FUTURE CRISES

Cathal McGloin, CEO of ServisBOT writes, “The COVID-19 pandemic has created major spikes in calls to financial sector helplines dealing with customers...

CREDIT CARD MARKET CREDIT CARD MARKET
Banking1 week ago

THE CO-BRAND CREDIT CARD MARKET – SINK OR SWIM

By Chris Vinnicombe, VP Financial Services at Acxiom The co-brand credit card market is the result of the partnerships between...

CASH FLOW CASH FLOW
Finance1 week ago

HOW TO MANAGE YOUR CASH FLOW IN UNCERTAIN TIMES

While the world is constantly changing, probably at a faster pace now than ever before, businesses need to manage cash...

BUSINESS BUSINESS
News1 week ago

NEW IVALUA STUDY SHOWS TECHNOLOGY CHALLENGES ARE HINDERING PROCUREMENT TEAMS FROM ACHIEVING BUSINESS OBJECTIVES

Lack of system integrations and actionable insights are stopping organisations from accurately measuring performance   Ivalua, a leading provider of global...

FINANCIAL SERVICES FINANCIAL SERVICES
Technology1 week ago

WHY DIGITAL TRANSFORMATION IN FINANCIAL SERVICES IS ABOUT CULTURE FIRST, TECH SECOND

Stuart Templeton, Head of UK at Slack    In today’s world, there’s no such thing as a ‘non-tech fin’. Every...

COVID-19 COVID-19
Business1 week ago

STOP THE CONFUSION: HOW TO KNOW IF YOUR BUSINESS MAY BE INSURED AGAINST COVID-19

By Alex Balcombe, Partner at Harris Balcombe   The last few weeks has seen businesses in hospitality, tourism, retail, leisure...

PAYMENTS PAYMENTS
Top Stories1 week ago

BRAVE NEW WORLD: A FUTURISTIC VISION OF PAYMENTS

James Booth, VP, Head of Partnerships in EMEA for PPRO   Over the last ten years, the retail e-commerce ecosystem...

KLEVIO KLEVIO
Interviews1 week ago

A PROPTECH FOUNDER’S BEGINNING, THE START OF KLEVIO AND HOW ACCESS-TECH IMPROVES FACILITIES MANAGEMENT

An interview with Klevio’s CEO and Co-Founder, Aleš Špetič    What is Klevio?  Klevio is a smart intercom that allows...

COVID-19 COVID-19
Wealth Management1 week ago

HERE’S HOW YOU CAN LEARN TO TRADE RISK-FREE DURING THE COVID-19 MARKET CRASH

Trading app BullBear has launched new features to support budding investors looking to hone their skills against the backdrop of...

INSURANCE INSURANCE
Top Stories1 week ago

ENTERPRISE BLOCKCHAIN: DRAGGING INSURANCE OUT OF THE DARK AGES

Ryan Rugg, Global Head of The Industry Business Unit at R3   The history of insurance traces back to the development...

Trending