Guest Writer Anitha Yeddula: Resiliency in Technical Applications and Compliance Impact on Cards
Anitha is a Director of Application Development at Discover Financial Services.
Before we get into this week's writeup, I'd like to remind and invite everyone to our upcoming launch event for our brand-new Fintech Compliance Circle, happening in NYC and virtually on April 11 at 5:30 PM EST! This event is part of New York Fintech Week, sponsored by Empire Startups - Everything FinTech. Tickets are going quickly; please join us if you are a Compliance professional and interested in talking shop with peers!
~~
Our guest writer this week is Anitha Yeddula, who for 20 years has served in multiple disciplines as a developer, solution engineer, product manager and technology leader, primarily in the financial and tech industries. Currently, she is a Director of Application Development at Discover Financial Services, where she specializes in Digital Wallets/Payments and Onboarding customers. With her holistic experience, she enables teams to unlock customer value efficiently through people, process and technology transformations. In her prior role at AWS, she helped customers like the UN and GNMA modernize their legacy applications onto the cloud. She’s passionate about women's and children's causes, leads talent development and career advocacy for women in technology, and is an active mentor in the community. We're grateful to have her join us this week and hope you enjoy her perspective on the intersection of resiliency and fintech compliance!
~~
Have you ever experienced going to the store to buy something important, only to find that your credit card gets declined due to a system error?
Have you received calls from your teen that they cannot purchase anything online?
Are you tired of the technical difficulties page popping up as you try to consolidate your financial transactions and pay the bills?
These experiences are undoubtedly frustrating, time-consuming, and widespread. However, have you ever considered what the root cause is? The answer lies in the technical applications responsible for delivering these experiences for customers.
In today’s fast-paced and digitally driven financial landscape, the cards business stands as a cornerstone of economic transactions worldwide. Whether it’s buying groceries, paying bills online, or booking vacations, cards consistently offer convenience, flexibility and rewards for users. However, behind the scenes, one crucial factor is key to ensuring that these transactions go smoothly: resiliency in the transaction-processing systems. Technical resiliency, coupled with stringent compliance measures, forms the foundation upon which the cards business thrives, ensuring seamless transactions, safeguarding sensitive data, and upholding regulatory requirements.
Technical resiliency refers to the ability of a system or network to withstand and rapidly recover from disruptions or failures. In the context of the cards business, where millions of transactions occur daily, technical resiliency is not just a preference but a prerequisite for delivering optimal customer experiences.
Let us explore the significance of resiliency in technical applications for the cards business, its implications for customers, as well as considerations regarding risk and compliance.
Importance of Resiliency:
Continuous Operations: Resilient technical applications ensure uninterrupted operations, allowing customers to make transactions anytime, anywhere. For example, in 2019, Visa suffered a system failure that affected millions of cardholders across Europe, leading to transaction failures and payment delays. During peak periods, such as holiday seasons or major shopping events, the influx of transactions surges exponentially. Resilient systems must withstand this spike and minimize downtime, ensuring that cardholders can access their funds and make purchases without disruption.
Customer Trust and Loyalty: Reliability builds trust. When customers have confidence in the reliability of card systems, they are more likely to use them frequently and recommend them to others. On the contrary, downtime or system failures can lead to frustration and erode customer loyalty. Even the most advanced systems are susceptible to occasional glitches and outages. Implementing redundant systems, failover mechanisms, and disaster recovery protocols will help maintain uninterrupted services.
Business Reputation: The reputation of a cards business is closely tied to its technical reliability. Security is the highest concern for cardholders. A single outage or security breach can have far-reaching consequences, damaging the brand's reputation and leading to financial losses. For instance, the Equifax data breach in 2017 exposed the personal information of over 147 million people, including credit card details, highlighting the devastating impact of security lapses. The breach occurred due to Equifax’s failure to patch a known vulnerability in its systems. This resulted in non-compliance with regulations such as the Gramm-Leach-Bliley Act (GLBA) and the Fair Credit Reporting Act (FCRA). The incident resulted in regulatory investigations, lawsuits, and substantial financial penalties for Equifax.
With cyber threats evolving in sophistication and frequency, financial systems must fortify their defenses against data breaches, malware attacks, and phishing attempts. Deploying robust cybersecurity measures to preempt and mitigate these threats effectively is necessary to protect the business's reputation.
In addition to technical considerations, the cards business operates within a complex regulatory landscape governed by various authorities and frameworks, including, but not limited to, the Payment Card Industry Data Security Standard (PCI DSS), the Dodd-Frank Act, and the General Data Protection Regulation (GDPR). Compliance with these regulations is non-negotiable, as violations can result in severe penalties, reputational damage, and loss of customer trust. Here’s how compliance intersects with technical resiliency:
Risk and Compliance Considerations:
Data Protection: Compliance regulations mandate the secure handling and storage of sensitive cardholder data. Technical resiliency entails implementing encryption protocols, access controls, and data masking techniques to safeguard this information from unauthorized access and data breaches.
Transaction Monitoring: Compliance frameworks require continuous monitoring of transactions to detect and prevent fraudulent activities, money laundering and other illicit behaviors. Technical resiliency involves deploying advanced analytics, machine learning algorithms, and real-time monitoring systems to identify suspicious patterns and take prompt corrective action.
Regulatory Reporting: Financial institutions must adhere to stringent reporting requirements outlined by regulatory authorities. Technical resiliency enables seamless extraction, aggregation, and analysis of the data necessary for regulatory compliance, ensuring the accuracy, timeliness, and completeness of reporting.
In conclusion, the resiliency of technical applications and compliance excellence are foundational pillars of operational resilience. Financial institutions must invest in robust cybersecurity measures, high-availability infrastructure, and enhanced risk management practices, and foster a culture of compliance to mitigate risks. This contributes to the overall growth and stability of the industry, ensuring continuous operations, enhancing customer satisfaction, and mitigating risks.