Financial Services Information Security Definitions

  • P

    Podcast: What is FFIEC compliance?

    In this podcast, you'll learn about this attempt to modernize existing banking practices in the context of new online threats like phishing. To learn more about FFIEC compliance, Assistant Site Editor Alex Howard interviewed Patrick Audley, the CTO of risk adaptive software provider Cogneto.

  • Q

    QIX (NASDAQ Information Exchange protocol)

    QIX (NASDAQ Information Exchange protocol) is a proprietary specification intended to streamline automated trading in the financial industry...

  • R

    RASHport (Routing and Special Handling)

    RASHport, also called RASH (Routing and Special Handling), is a digital communications protocol that allows customers of the NASDAQ (National Association of Securities Dealers Automated Quotations) to conduct business in the options market...

  • Real ID

    Real ID is a driver's license that complies with standards mandated by the United States Real ID Act of 2005.

  • Red Flags Rule (RFR)

    The Red Flags Rule (RFR) is a set of United States federal regulations that require certain businesses and organizations to develop and implement documented plans to protect consumers from identity theft.

  • remote deposit capture (RDC)

    Remote deposit capture (RDC) is a system that allows a customer to scan checks remotely and transmit the check images to a bank for deposit, usually via an encrypted Internet connection. When the bank receives a check image from the customer, it posts the deposit to the customer's account and makes the funds available based upon the customer's particular availability schedule.

  • S

    Secure Electronic Transaction (SET)

    Secure Electronic Transaction (SET) is a system for ensuring the security of financial transactions on the Internet.

  • Securities and Exchange Commission (SEC)

    The Securities and Exchange Commission (SEC) is a U.S. government agency that oversees securities transactions, activities of financial professionals and mutual fund trading to prevent fraud and intentional deception...

  • Shared Assessments Program

    Shared Assessments is a third-party risk membership program that provides organizations with a way to obtain a detailed report about a service provider's controls (people, process and procedures) and a procedure for verifying that the information in the report is accurate.

  • SOX Section 404 (Sarbanes-Oxley Act Section 404)

    SOX Section 404 (Sarbanes-Oxley Act Section 404) mandates that all publicly-traded companies must establish internal controls and procedures for financial reporting...

  • subpoena

    A subpoena is a command issued by a court in which a person or corporation is required to physically appear before, or produce specific evidence to, that court...

  • Suspicious Activity Report (SAR)

    A Suspicious Activity Report (SAR) is a document that financial institutions must file with the Financial Crimes Enforcement Network (FinCEN) following a suspected incident of money laundering or fraud.

  • V

    virtual asset

    A virtual asset is a representation of currency in some environment or situation, such as a video game or a financial trading simulation exercise...

  • VOIPSA (Voice over IP Security Alliance)

    VOIPSA (Voice over IP Security Alliance) is a cross-industry coalition of individuals and organizations from the security and VoIP communications sectors.

  • W

    wiretap Trojan

    A wiretap Trojan is a program that surreptitiously records VoIP calls.