Aptelisense - Compliance software
Aptelisense Compliance Automation Server (CAS) is an advanced and powerful data governance, validation and analysis engine that enables you to automate data validation in near real-time across all your data sources using your rules. CAS enables you to validate data securely with different organizations and has many uses including protecting against fraud (financial, insurance, benefit) and Anti-money Laundering and Countering Financing of Terrorism capability.
Here are some common uses of CAS within organizations:
• Internal Audit: Automate routine and time-consuming manual functions and free up your staff to do more.
• Internal fraud: Validate suppliers, invoices, payments, receipts and employee records to identify collusion and inappropriate transactions.
• Intelligence: Monitor key business indicators against defined thresholds.
• Security: Validate account changes against change control systems.
• Process control: Enforcing tight policy over electronic processes to avoid costly errors.
• Banking and Finance: Anti-Money Laundering and Countering Financing of Terrorism. The prime principle being Know Your Customer. CAS enables different organizations to validate customer details in real-time with each other.
• Insurance: Policy validation. Insurance companies can now validate in real-time any customer details with other organizations to ensure that the customer information is not fraudulent. This can now take place before a policy is issued. Organizations using this functionality can become aware of any suspicious customer changes as they take place rather than after a suspicious insurance claim is lodged.
• Procurement: Organizations can now validate data with suppliers in real-time such as product stock levels and expected delivery dates.
• Energy: Regulators can constantly monitor energy supplier performance in real-time and be alerted if commitments are not met.
• Finance: Regulators can monitor the current exposure of financial organizations and
immediately be alerted if the exposure is out of bounds.
• Government Agencies: Agencies such as Internal / Inland Revenue can automate data checks with other agencies or external organizations.
With the pressures on internal audit resources increasing each year to cover more areas of an organization,
a solution such as CAS which enables automation of some of the most repetitive and time consuming audit functions
will provide instant benefits. Auditors currently use a selection of tools to perform their roles, but these have
to be typically driven by the auditor on a repeated basis in order to provide historical reporting to management,
which is often out of date the moment it is delivered. CAS enables auditors to set and forget compliance checks and only
receive alerts when the checks fail. These checks can test for conditions that have to take place or for conditions
that should not take place. When auditors utilize the power of CAS, they can be freed up to perform the more
rewarding parts of their roles and allow their organization to increase the level of auditing using the same resources.
CAS is installed or supplied on its own server and only requires read-only access to your data.
Because CAS does not require any application or system changes, it does not introduce any risk to your current systems
or impact your business insurance. CAS operates on your live data and removes the risk of using old or stale data.
Because of its flexibility, CAS can be deployed across many business problem domains (compliance, fraud, business
intelligence, security etc). This will allow you to extend the reach of CAS, reducing your risk on a continual
basis and increasing your return on investment. CAS will enable your organization to audit areas that were
previously too hard or involved manually intensive methods. CAS finally enables your organization to solve the
"What we don't know" question across many areas.
One of the greatest benefits of CAS is to allow your organization to automate your compliance scenarios that used to take one or several staff considerable time. This benefit enables you to move from a reactive mode to a more proactive one and free up your resources to focus on other priorities. Because CAS enables you to monitor your compliance requirements in near real-time (and take optional action), you will instantly see any reported issues before they escalate to the stakeholders or external regulatory bodies. The fine-grained control that CAS enables you to apply to your scenarios will ultimately benefit your customers and allow you to demonstrate measured improvements in quality and up-time.
Using CAS will ultimately help you protect your reputation or brand.
CAS enables you to specify your compliance rules and notify you and your team when your organization fails your rules. This enables you to be assured that your organization does not keep any surprises from your management team, stakeholders or external regulatory bodies.
If your organization has external regulations to comply with such as: SEC, FSA, Sarbanes-Oxley, Energy / Telecommunications (commission), Education (Government), you can use CAS to monitor your compliance with the metrics specified by the external regulator.
CAS enables you to monitor your live data in many types of datasource including: Database and documents and validate any change against your rules.
CAS has the ability to compare data values from one source against one or several sources and only report when the validation fails
your rules. Rules can be configured to do simple validation ie: 'notify me when our sales drop' to more complicated: 'validate a new invoice, check its value
is not above the supplier limit, check the account is not a duplicate, check only one invoice is paid per month, check it is within a percentage of the
previous and check the authorizer is valid'. You can also define the same rule in multiple scenarios.
The schematic to the right shows how CAS can prevent costly mistakes.
Monitoring your financial systems is easy using the advanced rules of CAS but what if you wish to go one step further and take automated action when an alert is generated? Easy, just configure CAS to trigger a remote program, process or script on the system of your choice. How is this possible? CAS is delivered with a secure thin client that can run on most systems.
CAS has been designed to be simple and easy to use. The target users of CAS are less technical business users who may feel comfortable using Microsoft Excel. CAS removes the need for any programming and provides a simplified configuration interface that hides the normal programming skills that are required when using other tools. Because of this simplicity, CAS can be operated by your business users rather than your IT department. Once your users have been trained, they should be able to develop their own rules without any further help. To further assist your users becoming self sufficient, every field on each of the CAS screens has context sensitive help.
CAS is installed or supplied on its own server and only requires read-only access to your data with no application or system changes required.
To increase the separation of duty and security, CAS provides a feature that prevents unauthorized changes to the CAS server configuration. The authorization feature allows you to control which system changes require authorization when the server is running in 'live' mode. If a change is attempted while the system is running in 'live' mode, an authorization alert will be sent to predefined users who can reject or accept the change. If rejected, the change will be automatically backed out, otherwise the change will proceed. All authorization requests are tracked, logged and escalated in the same way compliance alerts are generated.
CAS was designed to be secure and does not trust anyone with its data. It encrypts its configuration and data using a 256 bit algorithm. This means that if someone was to attempt to remove the configuration or data, there would be little risk of the data being legible.
CAS has all the usual security features you would expect, such as account lockout, password aging and ensures that only one administrator user can make changes at a time while allowing others to log in using read only mode. User access to the dashboard is tightly controlled by role based access. It also offers separation of duty by controlling which functions can be performed by the different system roles.
CAS stores all important artifacts (events, alerts, authorization requests and changes) in an encrypted database. CAS will not allow any artifact to be deleted if it was recorded while the CAS server was running in 'live' mode. This ensures that you can always view the history of any live event and provides a good chain of evidence for your auditors.
We would be happy to talk to you about how CAS can easily accomplish monitoring of your compliance requirements. Please supply your contact details and we will be back in touch as soon as possible