IT Compliance & Business Continuity

Capture 1

In recent years regulatory pressure has been concentrated in several areas where the change in technology has been so rapid that the previous rules of conduct quickly became obsolete and inapplicable.

img 2

The development of new products, platforms, social networks and applications has required the introduction of regulations on data use and protection (notably the General Data Protection Regulation, or GDPR), but also of rules on acquisitions, mergers, and outsourcing arrangements in the IT area (e.g. EBA recommendations on outsourcing to cloud service providers). 

Particular attention to the payments market has been necessary. The new European directive and the related secondary regulations on payment services (PSD 2) seek to promote an efficient and competitive market, and to enhance the security measures for electronic transactions. It is also vitally important to launch specific programmes to adapt to the new regulations, which highlight the implications which changes to the regulations, data management and digitalization have and will continue to have on banking technology.

In business continuity terms too, the plan provides for gradual strengthening of the technical measures. The objectives here are to increase the resilience of critical services by extending highly-reliable solutions and reducing the single points of failure.


Last update: 21/06/2018