Quick Links
Our Vision & Mission
Our Executive Team
Our Partners
Clients We Serve
Past NewsLetters


"TurtleBay Advisory Services advisors have an incredible understanding of how operations and technology can support and enhance business transformations efforts. The team is skilled at both strategy and implementation."

Industry Insights

A Unified Source for Monitoring Regulatory Information

In early September, it was revealed that a breach at Equifax may have affected 143 million Americans. The day after the hack was announced, a The New York Times article ran with the headline "Equifax Hack Exposes Regulatory Gaps, Leaving Consumers Vulnerable."

Hacks, breaches and other cyber-attacks are becoming increasingly common. As new attacks potentially expose new weaknesses, they also bring the specter of new regulations to try to address those weaknesses and better protect consumers.

For financial institutions holding consumers' sensitive financial information, the growing web of regulations governing security can be dizzying. An effective security plan must not only protect a firm's infrastructure from becoming the next victim of a public security breach, but must ensure compliance with continually changing regulations. Keeping current on security regulations can at times seem like a aiming for a moving target. For financial firms doing business internationally, compliance with regulations in multiple jurisdictions can be even more daunting.

To support compliance efforts, firms need a unified source for monitoring regulatory information. The Web-based resource Reg-Track, serves as a single online repository for tracking global regulatory changes. In the U.S., the site tracks updates from congressional committees, state Attorney Generals, The U.S. Treasury, the Federal Reserve Board, the Federal Deposit Insurance Corporation, the Financial Industry Regulatory Authority, The Office of the Comptroller of the Currency, The Securities and Exchange Commission, The Commodity Futures Trading Commission, the Municipal Securities Rulemaking Board and others. It also tracks regulations in Canada, Europe, Australia and Asia-Pacific in addition to international regulations from bodies such as the Basel Committee, The Financial Stability Board, The Group of 20, the International Monetary Fund and more.

Firms can track daily regulatory developments related to final rules, proposed rules, concept releases, guidance and enforcement actions. Users can receive customized regulatory updates by selecting the rules they want to follow or filtering regulations to see only a subset of rules. Firms receive summaries of tracked regulatory developments with direct links to the tracked rule or regulation.

Companies can use the resource to manage impact assessments, and enter summaries of the compliance processes required for each rule, and view their own internal communications and responses.

Each of the myriad of security laws and regulations that financial firms face have their own complexities. The pace of change in cyber security regulations means managing security also means managing compliance risk. Legal, security and risk management teams must all be aware of how changing rules affect their company. Partnering with an outside, impartial resource to stay informed of changing regulations allows firms to ensure that they are keeping pace with regulatory change.