NOVEMBER 22, 2011
Five Questions to Ensure your Compliance Software Provider Meets Your Security Needs

StarCompliance released today a list of key questions for financial institutions to ask about data security measures when selecting a financial compliance software provider. Financial organizations need to ensure that the software provider they select has all of the necessary controls and processes in place to keep their data as secure as possible. The list of questions StarCompliance developed is meant to help financial organizations consider all the security risks and ensure they are making the best decision for their needs when selecting a software provider.

"Information security control and access of employee and corporate information is of vital importance to all financial organizations," said Tim Ward, Chief Technology Officer, StarCompliance. "There are risks but there are also steps that can be taken to find a software provider that best meets your company's specific security needs - it's not a blanket solution. Our clients demand the utmost in data security and our in-house development team continuously works to meet their needs."

StarCompliance developed the following 5 questions for financial institutions to ask compliance software providers about their data control measures.

Question 1: Where will our data be hosted? Behind our firewall or externally? If data is stored externally, what are the key security risks we need to address?

Question 2: Will our data be held on a system alongside the data of other organizations? What risks does that potentially pose to our data? What controls do you have in place to ensure no cross over of data occurs?

Question 3: What outside parties have access to our data?

Question 4: What types of accreditation do your employees and subcontractors acquire? What types of authorization controls are in place for access to our data by employees and subcontractors?

Question 5: Our organization is multinational, does your software meet data protection and compliance regulations in all the territories in which we operate?

More information about the above questions and security issues is provided here.

SEPTEMBER 27, 2011 
StarCompliance announced today that its compliance software helps financial firms ensure they comply with the UK Bribery Act, which took effect July 1, 2011. The UK Bribery Act, designed to tighten the UK's regulatory framework, not only affects UK financial firms but also any financial companies that have offices in the UK, employ UK citizens, or provide any services to a UK organisation. The StarCompliance 'Gifts and Entertainment' module, which is available to all StarCompliance clients, works to ensure compliance with the new Act.

"Violating the UK Bribery Act carries unlimited fines and a maximum jail time of 10 years for individuals," said Matt McGill, Vice President of Sales, StarCompliance. "It is critical for financial firms to have the right tools in place to ensure their employees comply with the new act, if not, they also risk facing severe fines."

StarCompliance's 'Gifts and Entertainment' module instantly matches employee gifts and entertainment requests against a firm's Code of Conduct to automatically generate approval, denial or a case for supervisory review. The module automatically detects unusual activities based on the rules a client has pre-determined from their Code of Conduct and discourages employees from giving gifts or entertaining in ways that may be considered acts of bribery. Like with all StarCompliance modules, rules and workflows are configurable to meet complex compliance requirements.

"Our software saves compliance personnel from the risks of labor intensive, manual tracking and analysis of employee gifting and entertainment requests to give our clients peace of mind that their firms are fully compliant with the UK Bribery Act," said McGill.

SEPTEMBER 26, 2011
StarCompliance announced today the release of its Political Activities compliance software to help Investment Advisers comply with changes in SEC 'pay to play' rules. The new SEC rule 206(4)-5, which became effective September 13, 2010, discourages Investment Advisers from making contributions to elected officials or political candidates in a position to influence investment advisory contracts.

StarCompliance developed Political Activities to prevent employee violation of federal, state and municipal regulatory contribution guidelines by illegally influencing contract awards for investment services, a practice commonly referred to as 'pay to play'. The software is configured to inform compliance of all employee political contribution activity and automatically screen them against pre-set contribution rules, such as maximum contribution amounts for federal, state and municipal candidates. Employees submit a proposal for a contribution they want to make to a political candidate or entity to be reviewed by the compliance team. Political Activities screens the proposal against the rules pre-set in the software and identifies if it is in violation, making it easier for compliance to approve or deny a contribution before it is made. The software can also identify previously made donations that are in violation of the rules and instruct employees to recover them. Political Activities retains a full audit trail including details of the original submission and all subsequent modifications and communications relating to the donation.

"The new 'pay to play' rules are complex and breaking them can result in severe consequences," said Matt McGill, Vice President of Sales, StarCompliance. "We worked together with our clients for more than six months to ensure we developed a software module that meets all of their needs in this area."

Political Activities is configurable to meet any SEC and MSRB political contribution compliance requirements. The new software module comes preloaded with a list of Senate and House of Representatives office holders and allows clients to load additional records such as their government client and prospect lists directly from their internal data stores.

"Political Activities saves compliance personnel from labor intensive, manual tracking and analysis of employee political contributions and gives our clients peace of mind that their firms are fully compliant with SEC and MSRB contribution rules and not at risk of losing revenue by being prohibited from conducting business with government clients for two years," said McGill.