Abstract
The financial industry represents a vast assortment of firms, agencies and institutions with operations ranging from small community banks to massive, international corporations. Managing the financial sector in the U.S. presents a herculean task to lawmakers and regulators charged with its oversight. The management of cybersecurity takes on greater complexity in considering multinationals with global partners and operations in countries with varying levels of cybersecurity sophistication. This paper investigates laws and regulations within the financial industry applicable to cybersecurity. It analyzes both compliance and regulatory issues across the financial sector at federal and state levels. It also reviews similarities and differences among compliance environments created by financial regulations. The paper distinguishes the cybersecurity operational differences and repercussions that result from the joint requirements of the Gramm-Leach-Bliley, Sarbanes-Oxley, and Dodd-Frank Acts on both small and large institutions. Finally, this paper contrasts the values and issues created by increasing compliance requirements for the financial sector.
Keywords: Cybersecurity; Financial regulation; Compliance environment; Gramm-Leach-Bliley Act; Sarbanes-Oxley Act; Dodd-Frank Act
© Derek Mohammed, 2015
INTRODUCTION
Financial regulations provide a framework seeking to promote legal and ethical behavior within the industry. However, investigations over the last fifteen years have revealed broken regulations and poor enforcement. In each scandal's wake, lawmakers passed legislation to create new standards and enforcement mechanisms. The U.S. relies on a stable financial industry, a key pillar in a nation's economic foundation. Financial stability determines a nation's standing on the international stage. China's emergence as an international power, for example, derives partially from its economic strength. The sheer volume of assets the financial industry manages presents a highly lucrative target for criminals. Insiders engage in fraud, deceiving investors for ill-gotten profit, and others use complex financial systems for illicit purposes such as money laundering. Also damaging is the near-constant assault from cyber criminals. In order to protect consumers and ensure transparency, U.S. lawmakers have empowered several regulatory bodies with oversight authority. Still, responsibility for regulatory compliance and safeguarding financial assets remains with individual institutions. Regulations create a diverse set of compliance environments that display some similarities, yet contain differences in focus and intent. Improving cybersecurity in the financial industry requires a critical evaluation of the merits and issues of compliance present in each environment. Only...