Cybersecurity and Third-Party Service Provider

Help with PCI Self-Assessment Questionnaire

Cardfellow

MAY 3, 2025

Small businesses are particularly vulnerable to data breaches, since they often dont have dedicated cybersecurity staff. PCI standards are designed to increase security and minimize risk of things like data breaches. Data breaches can cost you tens of thousands in fees and damages, to say nothing of the damage to your brand and reputation.

Assessments

Assessments Processors Credit Cards Data Breach

In Profile: Thomas Gillan, CEO of BR-DGE

The Fintech Times

DECEMBER 24, 2024

This is a prime example of how were removing barriers to scale, as payment providers can win new business without adding friction to checkout processes, and they wont need to change from their existing provider or deal with the hassle of doing integrations themselves.

Payment APIs and Integration

Payment APIs and Integration On-Demand Acquirers Value Added Service

Open Banking in Canada faces legislative delays

The Paypers

JUNE 18, 2025

Open Banking, referred to by Ottawa as consumer-driven banking, is intended to allow individuals and businesses to securely share their financial data with third-party service providers beyond traditional banks.

CBDC

CBDC Third-Party Service Provider Governance Government

New York Proposes Major Changes to Cybersecurity Regulation

FICO

NOVEMBER 1, 2016

These days, cybersecurity is a hot-button issue in policy circles. On September 13, the New York Department of Financial Services (NYDFS) proposed first-of-its-kind cybersecurity rules covering a wide range of banks, insurers and financial services companies under its jurisdiction. Annual certification.

Cybersecurity

Cybersecurity Regulations PCI DSS Data Encryption

Understanding the Dora Compliance: A Comprehensive Guide

VISTA InfoSec

OCTOBER 21, 2024

The financial entities operating within the EU, as well as third-party service providers outside the EU that engage with financial institutions located within the EU, are required to comply with DORA by 17 January 2025. This is where VISTA InfoSec’s expert consulting and audit service comes into play.

Compliance

Compliance Third-Party Service Provider Risk Assessment Audit

DORA Compliance Checklist: Essential Steps for Successful Implementation

VISTA InfoSec

NOVEMBER 4, 2024

The DORA compliance checklist The DORA compliance checklist is a thorough and proactive approach designed to make compliance easier to adopt for financial organizations and ICT third-party service providers. It helps the organization systematically address potential vulnerabilities and enhance cyber resilience.

Compliance

Compliance Third-Party Service Provider Risk Management Audit

DORA Compliance Checklist: Essential Steps for Successful Implementation

VISTA InfoSec

NOVEMBER 4, 2024

The DORA compliance checklist The DORA compliance checklist is a thorough and proactive approach designed to make compliance easier to adopt for financial organizations and ICT third-party service providers. It helps the organization systematically address potential vulnerabilities and enhance cyber resilience.

Compliance

Compliance Third-Party Service Provider Risk Management Audit

DORA Compliance Checklist: Essential Steps for Successful Implementation

VISTA InfoSec

NOVEMBER 4, 2024

The DORA compliance checklist The DORA compliance checklist is a thorough and proactive approach designed to make compliance easier to adopt for financial organizations and ICT third-party service providers. It helps the organization systematically address potential vulnerabilities and enhance cyber resilience.

Compliance

Compliance Third-Party Service Provider Risk Management Audit

DORA Compliance Checklist: Essential Steps for Successful Implementation

VISTA InfoSec

NOVEMBER 4, 2024

The DORA compliance checklist The DORA compliance checklist is a thorough and proactive approach designed to make compliance easier to adopt for financial organizations and ICT third-party service providers. It helps the organization systematically address potential vulnerabilities and enhance cyber resilience.

Compliance

Compliance Third-Party Service Provider Risk Management Audit

New York Bolsters Cybersecurity Requirements

Global Fintech & Digital Assets

DECEMBER 11, 2023

Covered financial institutions now face heightened expectations in relation to cybersecurity governance, risk assessment, and incident reporting. Key Amendments “Class A” Companies The Amendments create a new category of covered entities — deemed “Class A” companies — with heightened cybersecurity obligations.

Cybersecurity

Cybersecurity Multifactor Authentication Risk Assessment MFA

Understanding the Dora Compliance: A Comprehensive Guide

VISTA InfoSec

OCTOBER 7, 2024

The financial entities operating within the EU, as well as third-party service providers outside the EU that engage with financial institutions located within the EU, are required to comply with DORA by 17 January 2025. This is where VISTA InfoSecs expert consulting and audit service comes into play.

Compliance

Compliance Third-Party Service Provider Risk Assessment Audit

New York State Of (Cybersecurity) Mind

PYMNTS

AUGUST 28, 2017

As the Sinatra tune goes (a bit paraphrased) … New York: If you can make it there in cybersecurity, you can make it anywhere. The financial services industry is girding for the new regulations by the New York State Department of Financial Services (DFS), which take effect as of Aug. 28, which is, of course, today.

Cybersecurity

Cybersecurity Money Laundering Digital Currency Online and Mobile Banking

Despite Cybersecurity Standards, FIs Exposed To Third-Party Risks

PYMNTS

OCTOBER 2, 2017

Bank customers and regulators would likely agree: There’s no excuse for a financial institution to accept lackluster cybersecurity measures. But according to a new report from BitSight, that’s exactly what’s happening as FIs work with partners and other third-party service providers.

Cybersecurity

Cybersecurity Risk Compromise Risk Management

Payments Providers Combat The Conflict Between Security, User Experience

PYMNTS

JANUARY 14, 2020

Payments and financial service providers are facing an even greater challenge in balancing these two capabilities in the age of open banking and cloud migrations, with more opportunities than ever before for sensitive company and customer data to be compromised. Greater Security Without Compromising UX.

Security

Security PCI DSS Compromise Service Provider

OCC: Banks Face Higher Compliance Risks Due To Pandemic

PYMNTS

JULY 1, 2020

The new processes include the use of video conferencing services and other remote telecommunication technologies that the OCC said can increase cybersecurity vulnerabilities. Additional steps may be necessary to properly segment and secure bank networks if employees use personal devices to connect to bank systems,” the OCC wrote.

OCC

OCC Compliance Risk Office of the Comptroller of the Currency

The Future of Open Banking: How Compliance Impacts Innovation

Innovative Payments Association

JULY 25, 2024

With the rise of cybersecurity threats and data breaches, compliance regulations play a vital role in building trust between consumers, financial institutions, and third-party service providers.

Boot Camp

Boot Camp Compliance Innovation Third-Party Service Provider

OCC Defines Top Threats To Banks This Season

PYMNTS

JULY 26, 2017

As cyberattackers deploy more aggressive tactics, corporate banking firms have to respond with heightened cybersecurity measures to ensure confidence in the nation’s financial system, the OCC warned. Over time, consolidation among service providers has resulted in large numbers of banks reliant on a small number of service providers.”.

OCC

OCC Office of the Comptroller of the Currency Money Laundering Non-Bank

Understanding Risk Management Strategies as a PayFac

Stax

AUGUST 22, 2024

Cyberattacks, human errors, third-party service provider failures, and system disruptions all come under operations risk. Investment in advanced cybersecurity solutions and regular assessments of these solutions are also highly recommended.

Risk Management

Risk Management Risk Regulatory Compliance Due Diligence

Singapore Mulls Cybersecurity Certification for Financial Institutions’ Vendors

Fintech News

APRIL 21, 2025

The Monetary Authority of Singapore (MAS) has reiterated that financial institutions must ensure stringent cybersecurity measures are in place across their third-party vendors, following concerns about vendors becoming potential weak points.

Cybersecurity

Cybersecurity Third Party Vendors Third-Party Service Provider Ransomware

Payments Space

Help with PCI Self-Assessment Questionnaire

In Profile: Thomas Gillan, CEO of BR-DGE

Open Banking in Canada faces legislative delays

New York Proposes Major Changes to Cybersecurity Regulation

Understanding the Dora Compliance: A Comprehensive Guide

DORA Compliance Checklist: Essential Steps for Successful Implementation

DORA Compliance Checklist: Essential Steps for Successful Implementation

DORA Compliance Checklist: Essential Steps for Successful Implementation

DORA Compliance Checklist: Essential Steps for Successful Implementation

New York Bolsters Cybersecurity Requirements

Understanding the Dora Compliance: A Comprehensive Guide

New York State Of (Cybersecurity) Mind

Despite Cybersecurity Standards, FIs Exposed To Third-Party Risks

Payments Providers Combat The Conflict Between Security, User Experience

OCC: Banks Face Higher Compliance Risks Due To Pandemic

The Future of Open Banking: How Compliance Impacts Innovation

OCC Defines Top Threats To Banks This Season

Understanding Risk Management Strategies as a PayFac

Singapore Mulls Cybersecurity Certification for Financial Institutions’ Vendors

Stay Connected