Risk & Security

Certified Compliant
  • To meet industry payment compliance, you must select a solution provider with the highest degree of security and soundness when providing electronic payment services to your community.
  • Our data center and customer relations staff understands compliance, regulations and regulatory requirements.
  • We understand regulations like the Gramm-Leach-Bliley act.
  • Our data center is certified each year to be a Level I PCI/DSS compliant service provider, the highest rating in the industry.
  • A comprehensive FFIEC audit is conducted on a regular basis by government regulators.
  • In addition to required internal audit responsibilities, our data center undergoes annual third party audits such as the SSAE-16 SOC1 Type II audit, IT Security audit, Risk Assessment audit and Financial audit, to name a few.
  • The company performs annual reviews of NACHA rule changes, financial regulatory changes and other areas in order to meet compliance requirements.
  • Financial institution’s clients receive all third party and internal audits annually allowing the institution to fulfill its regulatory compliance requirements.
Risk Management
  • Processing ACH payments, accepting check images, audit reporting and other functions related to a comprehensive electronic payments program brings a certain amount of risk.
  • Our data center and payment network has undergone a series of Risk Assessment reviews, but, we don’t stop there. Our Risk Assessment and Project Review and Approve Committees continually review and analyze Risk Exposure, Risk Impact and develop Risk Controls and Risk Monitoring solutions.
  • Risk Policies and Procedures are recommended and reviewed by the Risk Assessment Committee, with oversight from the Board of Directors.
  • Third Party Risk Assessment and IT Security Auditing firms perform annual reviews of the company’s payment network to ensure Risk Threats have been analyzed and sufficient Risk Controls have been established.
  • Risk limits have been established to limit transactions exposure including per-transaction, per-batch, per-file, per-day, 48-hours, 10-day, 30-day, 60-day and more.
  • By implementing Multi-level system access, dual posting authentication, automatic batch suspension, duplicate batch warning, duplicate check notice, real-time notification and many more controls, reducing Risk Exposure is easy.
  • You are in control. You may restrict any system feature that can be used by your customer.