VISTA InfoSec

NOVEMBER 4, 2024

The DORA compliance checklist The DORA compliance checklist is a thorough and proactive approach designed to make compliance easier to adopt for financial organizations and ICT third-party service providers. It helps the organization systematically address potential vulnerabilities and enhance cyber resilience.

Compliance 130

Compliance Risk Management Third-Party Service Provider Audit 130

Cardfellow

MAY 10, 2025

Level 2 processors can submit a Self-Assessment Questionnaire (SAQ) instead. Level 1 and Level 2 service providers must perform ongoing maintenance as well, such as quarterly network scans. Additionally, it may present complications for your own PCI compliance, since youll need to list the third-party service providers you use.

Processors 52

Processors Third Party Vendors Credit Cards Third-Party Service Provider 52

VISTA InfoSec

NOVEMBER 9, 2023

In the world of digital transactions, businesses handling payment cards must demonstrate their data security measures through the Payment Card Industry Self-Assessment Questionnaire (PCI SAQ). Completing the SAQ is a key step in the PCI DSS assessment process, followed by an Attestation of Compliance (AoC) to confirm accuracy.

PCI DSS 130

PCI DSS Assessments Credit Cards Compliance 130

VISTA InfoSec

OCTOBER 20, 2023

Perform ePHI Risk Assessment: Potential Threats: Identify threats to ePHI assets, including natural disasters, technical issues, and security threats. Impact Analysis: Assess the potential impact on ePHI assets post threat identification, considering downtime, data loss, and financial implications.

Disaster Recovery 130

Disaster Recovery Procedures Regulatory Compliance Duplicate 130

PYMNTS

OCTOBER 7, 2016

He offered the example of banks using analysis of financial statements to assess risk in the loan origination process. .” Financial institutions today are also struggling to connect the dots between all of the ways they use data analytics to mitigate risk and add value to their lending operations, added Horrocks. ”

Origination 78

Origination Underwriting Third-Party Service Provider Risk Mitigation 78

PYMNTS

SEPTEMBER 26, 2019

Earlier this month, we became aware of unusual activity involving a third-party service provider,” the company wrote in a blog post. “We We immediately launched an investigation, and outside security experts were engaged to assess what occurred. DoorDash has revealed that it was the victim of a data breach in May.

Breach 62

Breach Third-Party Service Provider Data Breach Credential 62

The Fintech Times

NOVEMBER 5, 2024

Driving financial inclusivity in Bahrain Now, Spire is working with Salt Edge to introduce Corporate Banking APIs to enable third-party service providers to create new, business-aligned products and solutions such as advanced financial management tools, automated payment solutions, and data-driven insights.

Accounts 64

Accounts Third-Party Service Provider Financial Inclusion API 64

Stax

AUGUST 22, 2024

PayFacs handle risk assessment, underwriting, settling of funds, compliance, and chargebacks which exposes them to greater potential risks. Think of them as service providers that rent their master merchant accounts to their clients. This makes it much easier and quicker for businesses to start accepting payments.

Risk Management 88

Risk Management Risk Regulatory Compliance Due Diligence 88

FICO

NOVEMBER 1, 2016

The requirements also mandate that organizations include these enhanced standards in their contracts with third-party service providers. The NYDFS requires data encryption not just for data in-transit but also for data at-rest. Annual certification.

Cybersecurity 81

Cybersecurity Regulations PCI DSS Data Encryption 81

Basis Theory

OCTOBER 1, 2024

On the other hand, organizations with Levels 2, 3, or 4 use Self-Assessment Questionnaires (SAQs) to audit their compliance program. Third-Party Service Provider ( TPSP or "service provider") refers to an entity other than the Merchant, Acquirer, or Issuer involved in storing, processing, or transmitting card data.

PCI DSS 88

PCI DSS Compliance Encryption Assessments 88

PYMNTS

OCTOBER 9, 2019

That friction is all about data, and the freight bill audit pay process that involves analyzing a carrier’s invoice to assess its accuracy. Transplace is hoping to address that gap and is focusing on collaboration in that initiative — both with those third-party intermediaries and with banks. Failure to Act.

B2B 46

B2B Third-Party Service Provider Payments Audit 46

PYMNTS

FEBRUARY 2, 2021

This week's look at the latest in open banking and bank-FinTech collaboration finds financial institutions (FIs) exploring both partnerships and acquisitions to strengthen their offerings for corporates, while third-party service providers have also boosted their data-sharing capabilities to empower those financial service provider tie-ups.

Lockbox 57

Lockbox FinTech Treasury Management Payment APIs and Integration 57

Global Fintech & Digital Assets

DECEMBER 11, 2023

Covered financial institutions now face heightened expectations in relation to cybersecurity governance, risk assessment, and incident reporting. Risk assessments should also be reviewed whenever a new business model is adopted or a new product is introduced.

Cybersecurity 59

Cybersecurity Multifactor Authentication Risk Assessment MFA 59

PYMNTS

OCTOBER 2, 2017

But according to a new report from BitSight, that’s exactly what’s happening as FIs work with partners and other third-party service providers. Assessing the Cybersecurity Performance of the Finance Supply Chain ,” which explores how financial service providers manage third-party cyber risk.

Cybersecurity 51

Cybersecurity Risk Compromise Risk Management 51

PYMNTS

JUNE 11, 2019

As a digital-first bank, Axos Bank is investing in its own application programming interface (API) strategy to promote the ability for FIs to connect with third-party service providers, and enhance access to data for improved (and less risky) lending — a tall hurdle, considering small business default and failure rates.

Office of the Comptroller of the Currency 60

Office of the Comptroller of the Currency Small Business Payment APIs and Integration Third-Party Service Provider 60

PYMNTS

JULY 22, 2019

Clark emphasized the importance of third-party service providers delivering a clearer message to accounts payable departments. It’s very hard for the person receiving the message to put the pieces together and make a coherent, end-to-end continuum assessment of what’s best for their entire B2B interaction universe.”.

B2B 57

B2B Reconciliation Checks Lockbox 57

PYMNTS

JULY 3, 2018

. “Lenders’ primary goal is to assess a consumer’s stability, ability and willingness to pay. But some industry players agree that the traditional FICO score isn’t enough to correctly assess a small business borrower. .

Underwriting 40

Underwriting Small Business Assessments Third-Party Service Provider 40

PayHawk

APRIL 18, 2023

Payment Gateway A service that enables merchants to accept electronic payments from customers through a website or mobile application. Payment Processor A third-party service provider that facilitates electronic payments and transfers funds between the merchant’s bank account and the card issuer.

Process 52

Process Card Issuer Online and Mobile Banking Issuers 52

PYMNTS

DECEMBER 26, 2018

While traditionally, banks have controlled the infrastructure, hardware and operating systems for financial services, new entrants may have the agile infrastructure and innovative propositions to personalize to meet individual consumer needs.

Cross-Border 51

Cross-Border Cross-Border Payments SWIFT Innovation 51

EBizCharge

JULY 16, 2024

Risk management Financial institutions and third-party service providers must construct and execute a risk-based approach to detect and prevent fraudulent ACH transactions. This includes developing policies and tools to adequately identify, assess, and mitigate potential fraud.

NACHA 52

NACHA Nacha Rules ACH Network ACH 52

Global Fintech & Digital Assets

NOVEMBER 7, 2023

Issuance of Tokenised Securities: Intermediaries issuing Tokenised Securities remain responsible for the arrangement, regardless of outsourcing to third party service providers.

Distributed Ledger Technology (DLT) 52

Distributed Ledger Technology (DLT) Security Settlement Risk 52

Nanonets

MAY 7, 2024

Outsourced Reconciliation Some businesses choose to outsource their expense reconciliation tasks to third-party service providers. Outsourced reconciliation services typically involve sending expense data to a specialised firm or accounting service, which handles the reconciliation process on behalf of the business.

Reconciliation 52

Reconciliation Best Practices Credit Cards Compliance 52

Neopay

NOVEMBER 22, 2024

These information sharing requirements include the results of testing including scenario testing and incident management playbook exercise and any action taken as a result, the annual self-assessment, and the maximum tolerable level of disruption set for each service provided to the firm.

Rules 52

Rules Third-Party Service Provider Assessments Risk Management 52