Compliance - a focus on the compliance solutions available

Why the sharp rise in regulation?

The alarming rise of online and card transactions fraud has led to a number of data protection directives coming into place that are designed to secure customer confidence through heightened security and transparency measures, and this presents a huge space for innovation at the Customer UX.

The timeline to implement robust compliancy measure is short, the implications are far-reaching throughout businesses and the impact of non-compliance is hefty.

MiFID II – learning from past mistakes

The Markets in Financial Instruments Directive, commonly known as MiFID II, is due to come into force in January 2018. First introduced by the EU in response to the 2008 financial crisis, MiFID is strong reform for the financial industry designed to prevent history from repeating itself in the same way again.

Replacing the existing directive, MiFID II brings many changes to business conduct, including tightened rules around the recording and storing of conversation, however this only applies to financial services operations involved in the trading of investment market products such as derivatives, bond and commodities.

GDPR – global reaching reform

GDPR has implications for all organisations that collect information about customers resident in the EU – regardless of Brexit outcomes.

The EU GDPR will come into force from 25 May 2018. This regulation replaces the Data Protection Act 1998 and any organisation who doesn’t comply will be subject to very heavy fines. The new legislation has been designed to harmonise data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organisations across the region approach data privacy.

PCI DSS – Payment Card Industry Data Security Standard

Call centres have become the weak link amongst a tightening of regulation, a cooperative financial sector and smart technology solutions in making credit card payments safer.

The high levels of Card Not Present (CNP) transactions processed on a daily basis makes call centres a target for fraud, where proving the cardholder authentication is most challenging. Call centres often operate on varying levels of security and the human element means it is an attractive target for criminal activity.

The Payment Card Industry Data Security Standard (PCI DSS) is the proprietary information security standard set out by major credit card companies (Visa, Mastercard, American Express, JCB and Discover) and is compulsory for merchants that take process and store payment card information with annual assessments.

“One incident of financial fraud took place every 15 seconds, from January to June 2016. A staggering statistic reflecting a 53% increase on the same period in 2015.” – Financial Fraud Action

A straightforward approach

Gamma has a range of solutions built with a comprehensive suite of call recording and PCI compliance features integrated with our UK leading SIP trunking and our hosted telephony service; Horizon, and will be available for fixed line calls from December 2017, with the addition of mobile in 2018.

The Gamma solution will provide the toolset needed for organisations to achieve compliance with the voice elements of GDPR, MiFID II and other related legal and regulatory requirements. As well as shifting all recording costs from capex to opex, and providing a single portal for all call recordings, the solution will stop all payment card data from entering the user-organisation’s IT environment, removing a major source of potential risk. Recordings will be stored in the only VISA Europe approved solution currently available.