Aptelisense - Compliance software
Aptelisense Compliance Automation Server (CAS) enables your organization to constantly monitor and validate customer data across all your internal data sources. CAS also enables you to validate any customer data securely with other organizations who are also running CAS.
This near real-time approach will allow you to be instantly aware when a customer is breaking one of your compliance rules. Here are some example scenarios where CAS could validate your customer data with other organizations:
• Verify customer place of domicile
• Verify transaction amount and frequency
• Verify customer details with external credentials
• Check customer with law enforcement agency
• Check customer with credit agency
• Check customer with energy or telco company
As well as these standard customer due diligence checks you could also validate the customer details for fraud:
• Verify customer license plate is not associated with another external policy
• Verify customer bank account number
• Verify customer is not on a black or watch list
Although these are only simplistic examples, it is a simple process to configure CAS rules to validate any piece of data with data within your own data sources or with those of other organizations.
One of the main concerns with validating your customer data with other organizations is the risk to data privacy. By default, CAS will not store any data passed from another CAS or raise alerts while processing this data through its rules. This default behavior allows CAS to run silently when processing data validation requests from another CAS. This default behavior can also be changed if required.
The default result returned by CAS for a remote validation request is either zero (false) or one (true). The actual meaning of these result values will be implementation specific and ensures that no data is passed back from the organization processing the data. This default behavior can be changed to return data if required.
In the example above, Organization A does not need to know how Organization B or C validates its data. The organizations just need to disclose the format of the data being passed and the type of checks to be made. If an organization needs to alerted when the configuration in use by another organization is changing, it is a simple matter for the organization to be defined in the CAS configuration as an authorizer of changes.
All data validation requests between different CAS instances are encrypted using standard SSL security. CAS connections are tightly secured and require a unique shared key to be passed for each request. CAS will not accept inbound connections from another CAS unless it is configured explicitly to do so.
CAS was designed to be secure and does not trust anyone with its data. It encrypts its configuration and data using a 256 bit algorithm. This means that if someone was to attempt to remove the configuration or data, there would be little risk of the data being legible. This also means that employees would not be able to 'massage' any of the data collected and reported by CAS. You will always be able to see the true history via the CAS dashboard
CAS has been designed to be simple and easy to use. The target users of CAS are less technical business users who may feel comfortable using Microsoft Excel. CAS removes the need for any programming and provides a simplified configuration interface that hides the normal programming skills that are required when using other tools. Because of this simplicity, CAS can be operated by your business users rather than your IT department. Once your users have been trained, they should be able to develop their own rules without any further help. To further assist your users becoming self sufficient, every field on each of the CAS screens has context sensitive help.
We would be happy to talk to you about how CAS can easily accomplish monitoring of your Anti-Money Laundering and fraud requirements. Please supply your contact details and we will be back in touch as soon as possible