.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Replacing the FFIEC CAT with NIST CSF 2.0
by Jerry Hughes on April 18, 2025 at 11:26 AM
After nearly a decade of use, the Federal Financial Institutions Examination Council (FFIEC) is officially retiring its Cybersecurity Assessment Tool (CAT) on August 31, 2025. Originally released in 2015, the CAT served as a foundational tool for financial institutions—especially bank …
What Are the Most Common Causes of Data Breaches in Financial Services?
by Nicholas Foisy on March 7, 2025 at 12:42 PM
Data breaches are among the most pressing security concerns for the financial services industry. Given the vast amounts of sensitive customer data handled by banks, investment firms, insurance companies, and other financial institutions, these organizations are prime targets for cyber …
FinTech Security: How SOC 2 Drives Investor & Client Trust
by Bernard Gallagher on February 28, 2025 at 2:45 PM
In the world of financial technology (FinTech), trust is a currency as valuable as money. As startups and established firms alike strive to innovate, they must also prioritize protecting sensitive financial data. For FinTech companies, achieving SOC 2 attestation is more than a compli …
The Importance of SOC 1 Reports in 401(k) Audits
by Jerry Hughes on November 22, 2024 at 12:00 PM
401(k) plan administrators manage crucial financial transactions, including contributions, distributions, loans, and account reconciliations. Errors or fraud in these activities can have significant financial implications for plan sponsors (employers) and participants (employees). A S …
So You Started Trading Stocks – Is Your Account Secure?
by Peter Fellini on December 3, 2020 at 1:00 PM
The COVID-19 pandemic has had a significant effect on all of us, with many individuals now working from home, furloughed, or losing their jobs permanently. This had led to a sharp increase in personal stock trading. Some are doing it to supplement their income, while others are hoping …
New York Files First 23 NYCRR 500 Enforcement Action
by Nicholas Foisy on August 20, 2020 at 1:00 PM
On July 21st, 2020, the New York Department of Financial Services (NYDFS) announced that it had filed its first enforcement action under the 23 NYCRR 500 cybersecurity regulation against First American Title Insurance, a large title insurance provider headquartered in Santa Ana, Calif …