
How Financial Services Organizations Can Overcome Compliance Fatigue

Blog: ProcessMaker Blog

Over the years, security and data breaches have had a negative impact on financial services organizations. Cyber attacks account for around $18.3 million annually per company. Verizon recently released a report that found only one in five organizations in America were fully compliant with the basic security requirements of the Payment Card Industry Data Security Standard (PCI DSS). Also in that report, fewer than 40% of the financial organizations examined were fully compliant.

Trying to beef up security while remaining compliant with new laws and regulations is no doubt a daunting task. There is a tremendous number of regulations with which financial organizations must comply. A recent article noted that there are 750 global financial regulatory bodies, each with its own rules.

In Europe, financial organizations had to quickly deal with the General Data Protection Regulation (GDPR). Then two more regulations came along, the Strong Customer Authentication (SCA) and the revised Payment Services Directive (PSD2). 

The GDPR also set in motion a major push to globally strengthen data privacy and security protection for consumers. In the US, New York, California, Massachusetts, Washington, Hawaii, and many other states have introduced their own data privacy and protection legislation. There was a concern that there could be 50 versions of a consumer privacy act, each with its own rules and regulations. Due to this concern, Congress introduced the Consumer Online Privacy Rights bill to the Senate just before Thanksgiving last year; it has yet to be passed.

With all these rules and regulations and more being introduced, it's no wonder financial organizations are facing compliance fatigue, which exposes them to risk.

How to combat compliance fatigue

Financial organizations can easily harness new technologies to achieve full compliance with many aspects of rules and regulations while streamlining the digital journey for their customers. The good news is there is a global task force, the Financial Action Task Force (FATF), that created a guide on Digital Identity that serves as a reference for countries all around the world looking to implement digital regulations for financial services. 

FATF recommends that financial services organizations use a risk-based approach that relies on a set of open-source, consensus-driven assurance frameworks and technical standards for digital ID systems.

CDD requirements (natural persons): Identification / verification – R.10 (a)

Key components of Digital ID systems:

Identity proofing and enrolment (with binding) – Who are you? Obtain identifiers (name, DoB, ID # etc.) and ID evidence for those attributes, validate and verify the ID evidence, and resolve it to the identity-proofed person.

Binding – Issue credentials/authenticators linking the person in possession/control of the credentials to the identity-proofed individual (i.e., linking the identity-proofed individual to the onboarded customer / to the customer's ID).

Authentication – Are you the identified/verified individual who has possession and control of the binding credentials? (Applies to 10(a) if the regulated entity is conducting identification/verification of a pre-existing ID system.)


Source: Public consultation on FATF draft guidance on digital identity

Many banks across the globe are embracing the shift to digital account openings by utilizing a business process management (BPM) platform. With the right workflow in place, a BPM platform can easily digitize mundane and paper-intensive workflows and help financial organizations achieve digital transformation. For example, traditionally, a loan application could take anywhere from a day to a few weeks to process, depending on the lender. Yet, with a proper workflow in place, it can take just a few minutes, as seen in the video below:

This particular process used third-party tools such as Amazon Textract and UiPath so that a loan application workflow can scan, analyze, and intelligently route a process and provision a bot accordingly. This type of process provides strong data security and authentication measures that help financial organizations achieve regulatory compliance while providing a streamlined customer experience.


It is always important for financial organizations to stay current on the latest regulatory laws and changes across the globe. By implementing the proper workflows and processes with the right BPM platform, financial organizations can be assured they are taking the right step in their digital transformation initiatives. 


The post How Financial Services Organizations Can Overcome Compliance Fatigue appeared first on ProcessMaker.
