News

Accenture system helps New York bank cut compliance staff

Ian Grant

A New York bank is to cut the staff employed on compliance reporting from 365 to 12 following the introduction of a new compliance and IT security monitoring service from Accenture. 

The new tool, Security Transformation Service (STS), is the first fruit of the strategic alliances Accenture signed last year with Sun Microsystems and Symantec.

Alastair MacWillson, head of Accenture's global security practice, said compliance with regulatory demands has become a major headache for sectors such as financial services. 

STS is the first generation of 'Compliance 2.0' tools, he said. To avoid the huge cost in time and salaries in meeting compliance rules, many monitoring and reporting functions are now being automated. 

In the same way that industrial system control and data acquisition (SCADA) systems monitor, alarm and report what is happening in the network, so STS monitors, alarms and reports on actual and potential threats to compliance performance and data integrity. 

"We are eating our own dogfood," MacWillson said, adding that Accenture is now using STS to watch what is happening in its internal global network. 

The bank, which can't be named for competitive reasons, hired 365 people in less than a year to prepare compliance reports under regulations such as Sarbanes-Oxley. With STS, much of this is now automated, thanks to identity and access control management tools from Sun and threat recognition and mitigation tools from Symantec. 

"The headcount for compliance work has dropped to 30 now, and will drop to around 12 soon to monitor the bank's compliance and data security worldwide," he said. 

MacWillson added banks in the UK, Germany, the Nordic countries and Australia, which all face similar regulatory demands, are starting to explore services such as STS. 

"The regulatory regime is crucial to the rate of adoption," he said. With more countries opting to base their financial regulations on the US Federal Information System Management Act (FISMA), the pressure to automate compliance reporting is likely to grow. 

MacWillson said tools such as STS, even when outsourced to firms like Accenture, do not absolve the bank from its legal responsibility for complying.

"What STS does is give them a way to improve their ability to comply through better insight and control of actual activity in their applications and networks."

Firms falling shorrt on security skills >>

Sarbanes-Oxley defeat blow for SMBs >>

Cookware firm upgrades ERP to cool SOX heat >>

Data retrieval strategies: Document management software overview >>

Wikipedia: Sarbanes-Oxley Act >>

Comment on this article: computer.weekly@rbi.co.uk


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy