RegSmart delivers best-practices governance and risk management

RegSmart brings the people, processes, and technology together to serve your BSA and cybersecurity risk management and governance needs with:

Cloud-Based Technology

Supported by Subject Matter Experts

That Collect Data with Intuitive Wizards

And Store that Data for Real-Time Reporting, Regulatory Compliance, and Change Management

And Deliver Complete, Plain Language Reports

With Actionable Information

Regulatory and cybersecurity challenges can be mind-numbingly complex. RegSmart brings solutions that are simple and accessible to businesses and institutions of any size in any industry.

Are these statements true about your business?

  • We have a formal framework under which we continually analyze the cybersecurity exposure in each of the 10 domains outlined in the US Department of Homeland Security’s US Cert standards.
  • We apply the principles of the US Department of Commerce’s NIST standards to our technology infrastructure to identify, protect, detect, respond, and recover.
  • We have a formal framework to understand and manage our anti-money laundering and terrorist financing obligations under the Bank Secrecy Act and the US Patriot Act.
  • We continually analyze every product and service we offer, every customer profile we serve, and every location from which we do business to understand the inherent risks, control structure, and the residual money laundering risk, and our senior managers make informed decisions about what risks to transfer, mitigate, accept, or avoid.
  • Our board applies sound corporate governance principles and matches the organization’s human capital and technology to the business mission.

Sound corporate governance and risk management sound simple in concept, but can be exceedingly complex in application when dealing with the changing regulatory and threat landscape of BSA and cybersecurity.

Consider that:

  • The US Cert and NIST standards, which serve as the basis for cybersecurity regulations and guidance for every entity and institution in the US, comprise hundreds of publications and thousands of pages.
  • The OCC’s “voluntary” cybersecurity risk assessment is 57 pages long, contains more than 550 separate inquiries, and references the 98-page FFIEC Information Technology Security Handbook.
  • The FFIEC BSA/AML Examination Manual is more than 400 pages.
  • The FinCEN BSA/AML Examination Manual for Money Service Businesses is 147 pages.
  • FinCEN, OCC, FINRA and related regulatory agencies have published hundreds of pages of regulations in the Federal Register and hundreds of pages of advice and interpretations not published in the CFRs since the adoption of the FFIEC BSA Manual in 2014.