
ISO/IEC 27562

ISO/IEC 27562 — Information technology — Security techniques — Privacy guidelines for fintech services [Draft]

Introduction

According to the proposed 1st working draft:

Fintech refers to the use of computer technology across all aspects of the financial services sector, including banking, payment systems, and insurance.

This new wave of innovation represents the next phase of financial services. Digital financial services are undergoing a breakthrough as strong authentication technologies, developing decentralized technologies like blockchain, and analytics for fraud detection and anti-money laundering compliance are changing the industry. As a priority, privacy must be ensured, so that fintech services and applications are trusted and financial infrastructure and customers are protected.

As part of customer due diligence (KYC), AML (anti-money laundering) rules require the collection, processing, and use of personal data. To detect fraud, organizations monitor transactions, look at behavioural patterns, share data internally (within a group), share data externally (with regulators and other institutions), share data under outsourcing arrangements, and process data across borders (especially for international payments). The consumer wants control over what information can be accessed.

As a starting point, this document should apply the privacy principles described in ISO/IEC 29100:2011. As part of the privacy guidelines, the existing work on privacy frameworks (such as the NIST privacy framework: an enterprise risk management software program) will be used, as well as privacy impact assessment in ISO/IEC 29134:2017.

There will be an assessment of all relevant privacy risks associated with fintech services. The framework also takes into account regulatory requirements, such as those concerning anti-money laundering.

The scope of the standard

Aspects of IT privacy for financial services.

The content

To be determined.

Status

There was a proposal for a New Work Item in 2020, which was approved in January 2021.

An initial working draft of the plan has been proposed.

Commentary

To be determined.

 
