By: Moaz Banjer
Instructor: Dr. Ali Bicak
Today in the banking industry there are many standards and regulations that banks must follow in order to be certified and recognized by other institutions. These standards and regulations must be followed in order for the certification to be valued. For example, ISO released its standards and regulations for banks (ISO??????) in XXXX. If a bank wants to receive the ISO certification and be recognized by other institutions, it must comply with the standards and follow their new versions and updates. It gets harder for banks when they have more than one certificate they want to comply with, in addition to the federal rules and the state rules. Some banks have faced a huge loss in value and customer base because they could not comply with all the regulations, which puts them under sanctions and regulations until they comply with the given standards. It also gets harder for banks when they have international standards to follow in addition to the local standards.
The Payment Card Industry is formed by American Express, MasterCard Worldwide and Visa. These major payment companies created a list of regulations and standards that must be followed by any bank that wants to provide a credit card service. Since new technologies emerge every year, these regulations and standards are constantly changing and growing, so banks must always comply with the new rules in order to keep their certificate valid. In the past, the responsibility for complying with the regulations was shared by the IT department and the business department. This arrangement caused confusion and wasted time and effort, either because of a lack of communication or because of not being aware that the current standard had changed.
Major banks that follow many regulations and standards realized that they cannot afford to lose value or business opportunities because they could not comply with rules, so a new department within the IT division was created to follow up on these standards and regulations. This department is called "Control and Compliance". The Control and Compliance department itself is one of the requirements of ISO?????. All banks that have the ISO certificate have already created a Control and Compliance department. This case study aims to create a reliable online solution that can help banks comply with regulations in a better and faster fashion.
The Control and Compliance department is responsible for managing rules and regulations, making sure that the bank complies with them, and following up on the new standards and rules issued by different organizations. Because it has to follow many different standards issued by different organizations, the Control and Compliance department must act fast to change the environment and adapt to the new changes. Some changes are easy to implement and do not require much work and effort. Other changes require a lot of planning and careful implementation so that they do not affect other systems. When the Control and Compliance department was introduced, banks used different ways to follow up on the regulations they wanted to comply with. Some banks used old-fashioned methods, such as keeping the list on paper and then writing down the things they needed to change. This method is not effective because it can take a long time to get the new regulations written on paper, and they must then be communicated to the various departments that need to make the changes. This method is also not safe because no updates or backups are taken. If the regulations are lost they can be recovered, but if the changes being implemented are lost, they can be hard to recover, and that wastes time. Some small banks use Microsoft Excel to manage their compliance process. It starts with saving all the regulations and standards in an Excel...