- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
Warning, this is a story that might sound familiar.
The frustration on the chief technology officer’s (CTO) face was palpable. One year prior, the $50 billion financial institution he worked for announced it was going “all-in” on the cloud to save costs and become nimbler. The CTO assumed the cloud was “just another data center,” and his teams approached their architecture and governance efforts accordingly.
His organization tried to implement security controls with the same set of operating models, architectures, practices, and tools that were used in its physical networks. The company experienced regulatory requirement delays and audit setbacks and was mired in compliance black holes, security red tape, and governance stagnation. With this approach, spinning up a computing instance was slower than racking and building a physical server in the data center it left.
Fortunately, the financial institution was able to turn its situation around—when the CTO made a mindset shift from a process-focused approach to a capability-based approach.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Register for free
Access one free, non-premium article each month.
Complimentary CPE webcasts, resources, and e-Books.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
When organizations move their data or operations to the cloud, the compliance team has their work cut out and then some, experts discussed at CW’s Cyber Risk & Data Privacy Summit.
A panel of cyber experts and a chief compliance officer in financial services discussed the business risks, threat vectors, and vendor ‘gotchas’ associated with transitioning to a cloud provider at CW’s virtual Cyber Risk & Data Privacy Summit.
The Treasury Department issued a report regarding the benefits and challenges associated with the use of cloud service providers by financial sector firms, finding shortcomings related to transparency, staff support, and cybersecurity incident response.
With senior-level decisions on technology only increasing in frequency as new tools rapidly evolve, a panel at Compliance Week’s 2024 National Conference agreed compliance must consider the opportunities available to influence those conversations.
If there was one takeaway Diana Kelley offered during her keynote address at Compliance Week’s 2024 National Conference, it was that artificial intelligence tools—especially generative AI—need compliance.
The Treasury Department announced its success using artificial intelligence to track down instances of check fraud—a potential preview of the results that might come if the agency applies AI in other enforcement-related circumstances.
