Two Factor Authentication Enabled Compliance Software

Securing corporate data continuously evolves in the compliance industry.  Now, people all over the world can access compliance data from several types of devices whether located at work, home, coffee shops and on the road. The traditional log in with a username and password is not always enough. That's why the two factor authentication strategy was created.

BasisCode Compliance's two-factor authentication helps secure your data, protect users, address compliance requirements for the protected data, and makes it easy for your users.

The BasisCode Compliance solution offers multi-level security and flexible options for the entire corporation. You have the ability to choose three different methods of receiving a dynamically one-time code to log in. The following options are available at no cost to you.

Custom Delivery Methods

  1. Text - Have a text message sent to your phone. This is the recommended option.
  2. Email - Have your one-time code sent to an email address.
  3. Voice - Have the system call your phone with a code to enter.

Custom Frequency Options

We all love options and convenience. Therefore, you can determine when someone is presented with the two-step verification process. Adjust your corporate settings with the following options:

  1. Check on each login - Every time someone logs in, they must enter the special code.
  2. Check when logged in from a different location - If your users frequently travel, work from home, or anywhere, enable this option for more protection.
  3. Check periodically (days) - Keep your data secure by making users periodically use the two step process.

 

Regulatory Authority Advice

For advice from the SEC, take a look at the following, "Investor Bulletin: Protecting Your Online Brokerage Accounts from Fraud"

The US Department of Health and Human Services also recommends two-factor authentication for HIPAA compliance in the article,  HIPAA Security Guidance.

 

What is Two Factor Authentication (2FA)?

Two-factor authentication (also known as 2FA) is a technique of verifying a person's identity by using a combination of two different items. In the case of accessing online sites, these two items are typically a username/password combination in addition to a one time, non-reusable code.

2FA is a version of multi-factor authentication (MFA). MFA is a computer access technique where a human is allowed access after successfully providing more than 1 type of evidence to an authentication mechanism    typically at least two of the following categories: knowledge (something they know), possession (something they have), and inherence (something they are).

Compliance controls top FINRA focus for 2016

The quality of a firm’s compliance controls is climbing higher on the priority stack in both the boardroom and on regulators’ examination checklists.  In February, for instance, the founder and CEO of a multi-billion dollar human resources software company stepped down over inadequate compliance procedures and internal controls.[1]

The same month, the Financial Industry Regulatory Authority (FINRA) urged [2] firms to review their supervisory and compliance controls as a top focus for the year: “We will assess five indicators of a firm’s culture: whether control functions are valued; whether policy or control breaches are tolerated; whether the organization proactively seeks to identify risk and compliance events; whether supervisors are effective role models of firm culture; and whether subcultures that may not conform to overall corporate culture are identified and addressed.”

When FINRA conducts reviews as part of this exam sweep, they will evaluate the processes a firm uses to identify policy breaches, including the types of reports or other documents a firm relies on, to determine whether a breach has occurred.  FINRA is particularly interested in how a firm measures compliance with its cultural values and what metrics, if any, are used.

Implementing integrated compliance management software can help a firm establish and maintain regulatory, cultural and ethical values.  Risk assessments and staff certifications can instantly be generated, for example, along with output-ready reports.  Compliance documents and data can be centrally stored and easily accessed, providing regulators with evidence on-the-fly that a financial firm or consultant is taking proactive steps to maintain a culture of compliance.

Click here to learn how.

[1] https://www.zenefits.com/blog/zenefits-names-david-sacks-ceo

[2] http://www.finra.org/industry/establishing-communicating-and-implementing-cultural-values#sthash.RtAYRP5T.dpuf

Compliance Tech Tip: Resolve to Align Gift & Entertainment Activities with Your Firm’s P&Ps

By Carlos Guillen, President & CEO BasisCode Compliance

If you’re a compliance officer making New Year’s resolutions, here’s one to add to the top of your list.  Make better use of technology to track and disclose employee gift giving and entertainment (G&E) activity.  Software makes it easier for staff and supervisors to align G&E management with a company’s compliance policies and procedures (P&Ps).  As recent history shows, firms that fail to do so may pay a steep price long after the confetti and compliance cases settle.  (more…)

When it Comes to Compliance, Compliance Evidence is Everything

As industry debate intensifies regarding chief compliance officer liability and the perils of outsourcing, compliance professionals should take a closer look at how technology can keep their firms in good stead with regulators.  When it comes to compliance management and malfeasance, compliance evidence is everything, and technology can prove invaluable.  Regulated firms and those that rely on consultants, third-party administrators, law firms or others to handle compliance can reduce the risk of lapses by leveraging software solutions designed to better manage compliance programs.

To see a complete list of everything included and many more ways to save you time, visit the “Solutions Overview” page. Also, check out the video for a quick glimpse into BasisCode.

Compliance Evidence

By Carlos Guillen, President & CEO BasisCode Compliance (Originally published at Financial Planning)

Some examples of evidence include: testing and certifications, risk assessment, gifts and entertainment, whistleblower, personal trading, insider trading monitoring, automated workflows, reminders, alerts, forms studio, documents portal, extensive reporting and an employee portal. By using BasisCode compliance software, you are able to track and automate many aspects in one place from home or on your mobile app. This is your solution to managing all of compliance in one place. You will not have to piece together many solutions to get results.

About BasisCode Compliance

BasisCode Compliance offers the industry’s broadest set of integrated compliance management software that improves compliance management for asset managers, investment advisors, broker-dealers, compliance consultants, law firms and other professional service providers.  BasisCode Compliance was named a finalist in the compliance technology category of WealthManagement.com’s 2015 Industry Awards, which honors outstanding achievements by companies that help advisors better manage their businesses through innovation.  The intuitive BasisCode Compliance software spans functionality, from testing and risk assessment to personal trading and certifications, compliance evidence, enhancing compliance controls and decision-making for financial services firms and their clients.

Managing the convergence of compliance and technology

October 15, 2016

By Carlos Guillen, President & CEO BasisCode Compliance

investment-newsCitigroup recently agreed to pay a $15 million penalty for failing to enforce compliance breaches that technology could have prevented. As evidenced by such high-profile cases, even some of the leading financial firms overlook the role that technology can play in avoiding costly compliance failures.

[Originally Published at Investment News]