In most industries, the need for standards is one that goes without question. Consumers are less likely to purchase a home, car, or any good or service that was not produced in accordance to an acceptable and consistent level of quality. As the financial services industry continues to face growing scrutiny from regulators, this sector is also turning to the same model to ensure greater compliance.
International Standards in Financial Services
The International Organization for Standardization (ISO) is the world’s largest developer of voluntary international standards. One of its well-known standards is ISO 9001, which defines quality management systems used by businesses in a wide variety of industries globally.
Since the 1990s, the number and types of financial transactions has grown exponentially. As a result, the complexity and scale of financial industry messaging has evolved accordingly, with ISO creating ISO 15022 in 1995, which was then replaced by the first version of ISO 20022 in 2004. In 2013, ISO released a revised set of standards for the financial services industry, ISO 20022.
In a nutshell, ISO 20022 provides a standardized method for financial transactions to be both created and read electronically. Running services based on ISO 20022 helps not only the companies carrying out the transactions, but this is also of interest to software developers, government agencies, regulators, and vendors involved in the industry.
According to a report released in January 2015 by the U.S. Federal Reserve System, adoption of ISO 20022 is becoming more widespread. Several European countries have fully adopted the standard, while many others have implementation plans in place or are committed to using it for new payment initiatives.
International Standards for Information Security
As important as standards are for financial regulatory compliance, they are no less critical for those companies providing the services that help maintain it. The continued presence of headlines about data breaches and stolen personal information serves as a stark reminder that having a well-established information security process in place is vital for companies providing online identity verification.
ISO released a new version of ISO 27001, its information security management system (ISMS) standard, in 2013. This standard has been updated from the original 2005 version to place more emphasis on the measurement and evaluation of an organization’s ISMS performance. It also now includes a new section on outsourcing in recognition of the growing trend of greater reliance on third parties for providing information services.
Trulioo recognizes the necessity of having an ironclad ISMS in place to provide secure and trusted services to our customers and partners. As an ISO 27001-certified company, we are serious about information security and have adopted international best practices designed to mitigate risks while meeting regulatory and legal compliance requirements. This reflects the value that we place on respecting the privacy of consumers by ensuring that we have adequate measures in place to protect against unauthorized access of information.
[caption id="attachment_2278" align="alignnone" width="900"] The Trulioo team has received ISO 27001 certification, the best-known international information security standard, providing independent third-party assurance that Trulioo's team can effectively operate a best-in-class security program and manage information security risks effectively.[/caption]
“In order to build a framework of trust online, all companies that handle sensitive data and information should always follow best industry practices and standards for information security management,” said Jasmina Bozik, Manager of Information Assurance at Trulioo. “We are extremely proud to have been awarded our certification for ISO 27001.”
Achieving ISO 27001 is an important step in Trulioo's mission to provide the highest level of security standards. The audit process for the certification involved detailed interviews and deep examination of topics such as risk management, access control, business continuity, and security best practices.
Learn more about ISO 27001 and our commitment to delivering the highest security standards on our ISO 27001 certification page.