Regulatory Compliance

Basel II

The original Basel Accord was agreed in 1988 by the Basel Committee on Banking Supervision. The 1988 Accord, now referred to as Basel 1, helped to strengthen the soundness and stability of the international banking system as a result of the higher capital ratios that it required.

Basel 2 represents recommendations by bank supervisors and central bankers from 13 countries on the international standards for measuring the adequacy of a bank’s capital. It was created to promote greater consistency in the way banks and banking regulators approach risk management.

FDA 21 CFR Part 11

The Food and Drug Administration (FDA) is responsible for protecting the public health by assuring the safety, efficacy, and security of human and veterinary drugs, biological products, medical devices, America's food supply, cosmetics and products that emit radiation. The FDA is also responsible for advancing the public health by helping to speed innovations that make medicines and foods more effective, safer and more affordable, and by helping the public get the accurate, science-based information they need to use medicines and foods to improve their health.

The FDA rule 21 CFR Part 11 details the circumstances in which the FDA will accept electronic records and electronic signatures as part of a submission from pharmaceutical and medical device manufacturers, ensuring data reliability, traceability and security. The rule covers all documents that might be sent to the FDA under the various predicate rules that make up the Good Manufacturing Practice (GxP) collective.

HIPAA

The Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA, Title II) required the Department of Health and Human Services (DHHS) to establish national standards for electronic healthcare transactions and national identifiers for providers, health plans and employers. It also addressed the security and privacy of health data.

As the industry adopts these standards, the efficiency and effectiveness of the nation's healthcare system will improve through the use of electronic data interchange.

MiFID

The Markets in Financial Instruments Directive 2004/39/EC (known as "MiFID"[1]) is a European Union law that provides harmonised regulation for investment services across the 30 member states of the European Economic Area. The main objectives of the Directive are to increase competition and consumer protection in investment services.

Sarbanes-Oxley

The Sarbanes-Oxley Act came into force in July 2002 and introduced major changes to the regulation of corporate governance and financial practice. It is named after Senator Paul Sarbanes and Representative Michael Oxley, who were its main architects, and it set a number of non-negotiable deadlines for compliance.

Solvency 2

Solvency 2 is a fundamental review of the capital adequacy regime for the European insurance industry that aims to establish a revised set of EU-wide capital requirements. Its intention is that these requirements will help supervisors protect policyholders' interests more effectively by making prudential failure less likely – reducing the probability of consumer loss or market disruption.

The framework under development consists of three ‘pillars’. Pillar 1 sets out the minimum capital requirements firms will be required to meet for insurance, credit, market and operational risk. Pillar 2 will be the supervisory review process; as part of this, supervisors may decide that a firm should hold additional capital against risks not covered in Pillar 1.

The aim of Pillar 3 disclosures is to harness market discipline by requiring firms to publish certain details of their risks, capital and risk management.

PCI-DSS

The PCI DSS version 1.1 is a set of comprehensive requirements for enhancing payment account data security. Developed by the founding payment brands of the PCI Security Standards Council, the PCI DSS has been designed to help facilitate the broad adoption of consistent data security measures on a global basis. Being multifaceted, the security standard includes requirements for security management, policies, procedures, network architecture, and software design, and is intended to help organizations proactively protect customer account data.

As with many compliance projects, the most obvious benefit is that of avoiding the penalties of failing to comply. Penalties for non-compliance with the PCI standard vary by credit card brand and contract, but generally include high fines of up to $500,000 per instance of non-compliance and, in extreme cases, denial of credit card processing capabilities.

The Casewise PCI-DSS process model is aimed at assisting organizations in achieving compliance with the standard, whilst helping them to systematically and proactively protect themselves from the liabilities and potential costs of credit card data misuse, customer identity theft, and cybercrime. The model also offers organizations the ability to make informed, practical decisions about security technologies and solutions and thus increase the return on information security investments.

WEEE

The Waste Electrical and Electronic Equipment Directive (WEEE Directive) is the European Community directive on waste electrical and electronic equipment which became European law in February 2003, setting collection, recycling and recovery targets for all types of electrical goods.

The WEEE Directive aims to minimise the impact of electrical and electronic goods on the environment by increasing re-use and recycling and reducing the amount of WEEE going to landfill. It seeks to achieve this by making producers responsible for financing the collection, treatment, and recovery of waste electrical equipment, and by obliging distributors to allow consumers to return their waste equipment free of charge.