IBS Journal: The iconic monthly FinTech magazine

February 2020 issue out now! Subscribe now

Launching India FinTech Report 2020

Market sizing and forecast of Digital Lending, Payments, WealthTech & RegTech. Subscribe now

Leading Back Office Systems for Banks

In-depth Supplier Profiles and User Lists. Subscribe now

In-depth Banking Tech and FinTech Research

Over 300 research reports that's updated quarterly. Subscribe now

DTCC calls for DLT security framework to review existing guidelines

DTCCNew York-headquartered Depository Trust & Clearing Corporation (DTCC) calls for a coordinated strategy around the development of a principles-based framework to identify and address distributed ledger technology (DLT) specific security risks.

According to DTCC, the establishment of a DLT security framework would assist in the completion of risk evaluations across an individual firm’s security assessments via best practices and tools, such as risk management & oversight, cybersecurity controls, third-party management, and incident & event management.

Key aspects of the DLT key management lifecycle, including DLT-specific security considerations associated with the creation, maintenance, storage and disposal of sensitive information, can be addressed.

“With adoption of DLT across the financial services ecosystem likely to continue to increase in the coming years, we need to be certain that all DLT-related security risks are identified and addressed to maintain the safety and stability of the markets,” said Stephen Scharf, Chief Security Officer, DTCC. “DLT offers great potential, but as with any new technology, it also comes with certain risks. Traditional security measures may not be adequate, so it is critically important that this topic is top of mind for any DLT implementation.”

“As is common in IT security communities, frameworks must be widely available, generally agreed upon, and commonly adopted. As best practices mature, they can be adopted into a formal framework and used for financial industry participants and regulators alike,” added Scharf.

Security guidance and practices respective to account access with the use of cryptographic hash functions, standard authentication methods and bridging the security gap between DLT and traditional IT environments can be provided with the framework, according to DTCC.

DTCC is a post-trade market infrastructure for the global financial services industry. From operating facilities, data centres and offices in 16 countries, DTCC, through its subsidiaries, automates, centralises and standardises the processing of financial transactions, mitigating risk, increasing transparency and driving efficiency for thousands of broker/dealers, custodian banks and asset managers.

Industry owned and governed, the firm simplifies the complexities of clearing, settlement, asset servicing, data management, data reporting and information services across asset classes, bringing increased security and soundness to financial markets.

Related Posts