The Swiss FINMA is intended to provide increased transparency in financial markets and does not stop at IT-Security
Going forward it is necessary to define, who within the company does have access to client data, who has the right to authorize this access, who is responsible for the respective business procedures and who has the data sovereignty.
The requirements of FINMA also concern the organization itself
Banks should, for example, ensure that employees are sensitized, trained and monitored, particularly in connection with the access to large quantities of customer data, with regard to the confidentiality of customer data. All these requirements are covered by DriveLock Security Awareness, Reporting & Forensics, Shadow Copy and Interface Control. In addition, measures will be required for banks to identify, control and mitigate the risks associated with the confidentiality of customer data, which is ensured by DriveLock encryption and interface control.