ComplyTech: Norkom

Norkom is a subsidiary of BAE Systems that focuses on Financial Crimes technology. Though how it was incorporated into BAE Systems is not known to the public, one can assume that it has been paired up with Detica NetReveal transaction surveillance technology. Norkom is used by major banks all over the world, particularly those involved in capital markets.



About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.


ComplyTech: LexisNexis for OFAC


OFAC compliance

Businesses are responsible for following OFAC regulations, which were designed to stop terrorist and other illegal funds from circulating. Brighter Insight helps your business comply with global mandates, including OFAC and protects your company against any risks.

Brighter Insight is your OFAC compliance solution

Brighter Insight strengthens compliance by keeping you ahead of ever-evolving global regulations. This solution uses a single interface to rapidly screen companies by leveraging a best-in-class matching algorithm and providing access to the latest global watchlists. Brighter Insight helps companies conduct due diligence and comply with global mandates, such as the Bribery Act of 2010 (UK), FCPA, USA Patriot Act, OFAC, FACTA and the European Union Third Directive, as well as government regulations such as CIP (Customer Identification Program). Brighter Insight helps protect your business and drive global revenue generation.


  • Company Information and Profiles
  • Sanctions, PEPs, and Watch Lists
  • Negative News Check
  • Legal History
  • Biographical Sources

More information

  • Aml implementation
  • Anti bribery and corruption policy
  • Anti bribery and corruption solution
  • Anti bribery implementation
  • Anti bribery tools
  • Anti corruption
  • Anti money laundering implementation
  • Audit reports
  • Audit trail
  • Company audit
  • Money laundering regulations
  • Ofac compliance


About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.


ComplyTech: SAS

SAS® risk software advances regulatory compliance, risk-based decisions

Newest versions enhance high-performance risk management, support new liquidity and credit risk rules

CARY, NC (Nov. 06, 2013) – Banks facing intensifying regulations, including BCBS 239, and market volatility are struggling to speed quantitative risk assessment processes, improve risk data and access critical data on demand. The challenge of making improvements in risk data aggregation capabilities and risk reporting practices was even recently noted by supervisors from the Basel Committee on Banking Supervision who cited the need for more industry progress.

Smart banks are implementing comprehensive enterprise risk management that integrates data management, analytics and visualization. The latest versions of key SAS® risk solutions help banks juggle the varied demands through an integrated risk platform powered by high-performance analytics.

A modern risk management framework harnessing today’s high-performance technologies is more cost-effective and generates quick investment payoffs. “Banks need automated solutions that deliver concise, intuitive and more informative reports based on real-time data,” said Jaroslaw Knapik, Senior Analyst for Financial Services at Ovum. “SAS has made impressive strides, offering banks a competitive advantage with big data technologies. Leveraging a wide array of data sources for risk data aggregation, reporting and decision making, SAS helps reduce report preparation time and analyze data instantly.”


Operational and strategic business decisions demand the most up-to-date and integrated risk management framework for evolving needs including comprehensive aggregation of risk measures across portfolios and geographies. SAS High-Performance Risk can provide this consolidated view of risk through accelerated analytics that use in-memory computation on industry-standard server grids. That means quicker access to accurate calculations of market risk, counterparty exposure, liquidity risk management, credit risk, stress testing and scenario analysis. Enhancements include on-demand risk exploration via an updated graphical interface, continuous data integration fed by the SAS Event Stream Processing Engine, and backup and restoration along with Hadoop integration.

SAS on-demand risk analytics and reporting let business analysts explore and monitor updated risk sources as needed. They can easily navigate and graphically visualize the risk profile and incorporate a wealth of built-in measures they can select and view at any time. Portfolio pricing and valuations can also be performed directly in SAS High-Performance Risk using in-house and/or third-party pricing routines. SAS acts as the risk-aggregation “cockpit” for line-of-business executives and chief risk officers to assess both aggregated exposures – including integrating and consolidating portfolios from in-house risk analytics applications – and individual exposures from trading desks, business units, counterparties or instrument types.

The SAS Event Stream Processing Engine provides the capability to continuously receive data from risk source systems and manage updates through orchestration techniques. Incorporating streaming data into risk analysis helps provide more timely and accurate risk exposure analysis and can alert management to changing risk profiles.


Liquidity risk management, both in terms of regulatory capital management and ongoing, proactive asset liability management (ALM), is increasingly important in banking. Banks are rapidly concluding – especially after seeing the impact of liquidity shortfalls during the economic downturn – that actively managing liquidity risk is a necessity for a sound risk management strategy.

The latest version of SAS Asset and Liability Management, part of SAS Risk Management for Banking, helps banks address new Basel III liquidity regulations and measure exposure and risk across the enterprise. Enhancements include: out-of-the-box support of Basel III liquidity ratios, including LCR and NSFR, and monitoring standards; better business workflows for critical stress testing and liquidity reserves management; and improved cash flow management.

SAS Asset and Liability Management has an advanced analytics environment with interactive reporting to evaluate traditional balance-sheet instruments and dynamically calculate cash flows, funding gaps and net interest income, and analyze funds transfer pricing and profitability.


To battle low confidence in credit markets, it is critical for banks to ramp up credit risk management practices. The new version of SAS Credit Risk Management for Banking addresses the global adoption of the Basel III regulatory guidelines, providing the latest calculations and reporting required to meet regulatory obligations across jurisdictions. With SAS Credit Risk Management for Banking, banks operating in the European Union (EU) – and subject to the European Banking Authority’s capital preservation recommendation in July – can handle risk-weighted assets and regulatory capital calculations, stress testing and reporting based on the EU Capital Requirements Directive IV (CRD IV) including CP50/COREP, large exposure and leverage ratio reports.

“Global regulators demand improved risk data aggregation, liquidity risk management and stress testing so banks and capital market firms can properly measure performance against risk appetite and for regulatory reporting,” said David M. Wallace, Global Financial Services Marketing Manager at SAS. “Leading organizations will answer regulations with interactive, on-demand visualization and analysis of exposures and stresses. These solutions will help firms fully optimize capital rather than just ensuring adequacy and also improve transparency with regulators, customers and markets.”

Read how to make the risk function a more integral element in the business decision process.

Today’s announcement came at the BAI Retail Delivery 2013 conference in Denver.


SAS is the leader in business analytics software and services, and the largest independent vendor in the business intelligence market. Through innovative solutions, SAS helps customers at more than 65,000 sites improve performance and deliver value by making better decisions faster. Since 1976 SAS has been giving customers around the world THE POWER TO KNOW® .
Back to Recent SAS Press Releases


About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.


Plugging Your Bank’s Weaknesses In Cybercrime

Cybercrime is rampant. It isn’t just something the news is trumping up for sensationalism. There are two big estimates, neither are reliable but as reliable as possible currently. In 2009, President Barrack Obama is quoted as referring to MacAfee’s estimate of a $1 Trillion cost to the world due to cybercrime. Fox Business reported MacAfee’s new estimate in 2013 as being $500 Billion globally. Either way, this is a very large cost for something that legitimate consumers and businesses do not get a benefit from. Retailers have been hit with cybercrime that cost them millions. Retailer Target was probably the most notable event that got people’s attention back during the 2013 holiday season, which kicked off a number of other reported retailer victims of cybercrime. And then there was this past winter when Kaspersky discovered how a group called Carbanak stole $350 Million from European banks through a patient and meticulously executed breaches.

Bank employees are particularly vulnerable to being victims and to being the gate for their banks to being victims. Many banks are using SecurID and other token-based login systems with VPN connections with the help of services by the likes of Citrix. These tools allow the bank to take control over the user, not just to prevent entry. It also allows the banks to provide offsite connections to their employees.

I have yet to hear any major bank in the world also implementing a password manager. A password manager is a piece of software that provides a unique password to every password-requiring entry-point and a password to the user with a password that is very difficult to crack, usually very long. But the user would only have to remember this one very long password. The theory is that it is far more difficult to crack a single super-password than to crack many easy ones. The data seems to bear this out. People with password managers have far less identity thefts, data thefts and other types of cybercrime.

There are always exceptions that provide some perspective about the limitations of a better solution. LastPass, one of the most popular password managers, was breached just six weeks ago. But since banks are already relying on vendor services for secured communications, shouldn’t banks improve their communication channel entry-points? The answer, of course, is “Yes.”

ComplyTech: Charles River Compliance IMS

A coxswain in the bow at Cambridge Regatta

Charles River is a technology firm that focuses on investment management business. It focuses primarily on the front- and middle-office operations. It has launched a Compliance service. The service offers monitoring, reporting, lookbacks and risk calculations. This application is provided on the SaaS model (software as a service).

Because compliance is a cost center with little to no monetization available, anyway to lower the cost of it is welcomed by the COO. By the way, if you didn’t know already, compliance departments must sit within the Chief Operating Officer’s span of control. For many banks, compliance sits within the risk department.

Implementing a SaaS model for a financial institution means it has no desire to find a way for compliance to enhance revenue centers. This is sad because that means management of those institutions are not looking for opportunities. In the current economic environment, opportunities for financial institutions are difficult to come by. I won’t go into how a compliance department can help with revenue in this post.

Still, the sign that Charles River has entered the compliance market with the SaaS model is a good sign. Charles River focuses on the investment management business but it is a technology company. Their current compliance service is mostly a workflow solution tailored for the compliance department, but I think they will probably find other ways to implement actual regulatory solutions, which is a solution unlikely to come out of information services like Thomson Reuters or Bloomberg.

The Republican Presidential fields is large; who do you think will win the Republican nomination?

About the Author: M. C. Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.