Compliance at the core
Data Security and Compliance are embedded into all our solutions. Our Compliance & Data Protection Officer works closely with our customers and regulatory bodies through Special Interest Groups, to drive output and delivery of regulatory initiatives, and provide updates regarding upcoming changes. This close relationship ensures all our solutions continue to be fully compliant and secure.
Operational Resilience
The ‘Three Pillars of Operational Resilience’ guidance that the Central Bank of Ireland published in 2021, seeks that Payment Service Providers (PSPs) implement a framework to prepare for, respond and adapt to, recover and learn from an operational disruption. Critical to that is for PSPs to understand the capabilities, vulnerabilities and opportunities of IT Partners. Uptime, efficiency and security of the data centre and Private Cloud environment support the success of this project. Risk assessments performed on critical products, services, third party dependencies, asset infrastructure are business as usual items. Regular checkpoints with the expertise on a Wellington IT Special Interest Group sees this project remain central to the wider conversation on evolving operational risk types. The Private Cloud product offering is critical to be able to provide the assurance that is required.
A sample of Scion's built-in Regulatory Reporting
CESOP
Central Electronic System of Payment information is a new 2024 reporting requirement for Credit Unions to record and report transactional data of cross-border payments to the Revenue. The purpose of the EU initiative to centralise the assessment of emerging VAT fraud across the region.
ISBAR
Launched by the Central Bank of Ireland in 2023, the Ireland Safe Deposit Box Bank and Payment Accounts Register was set up to address links between suspicious and criminal transactional activity and consequently the need to identify account ownership and beneficial ownership.
Paystats
The Payment & Fraud Statistics (‘Paystats’) report is generated from Scion on a quarterly/semi-annual basis (depending on the size/scale of the Credit Union), to provide the Central Bank of Ireland with information on innovative payment services and channels, payment schemes, and fraudulent payment transactions.
CCR
The Central Credit Register was enacted in response to the Credit Reporting Act 2013, and is fed detail on consumer (Credit Information Subject – the “CIS”) credit and specifically loans data, on a monthly basis. The source data in Scion is continually updated to reflect the obligations of Credit Information Providers (“CIPs” – the Credit Union).
SEPA Instant Payments
A game-changer for the Irish banking landscape. This EU driven initiative mandates that Irish Payment Service Providers (PSPs) offer the ability for consumers to receive and send a credit transfer within x10 seconds. PSP compliance dates differ between receiving (January 2025) and sending (October 2025) CTs in this way. The value add to the consumer to clear, however the risks and educational awareness requirements are significant. An efficient, scalable data centre environment and continuous engagement with the many stakeholders will see this project successfully delivered.
Grant Thornton Due Diligence Review
In accordance with the 1997 Credit Union Act and the Central Bank of Ireland’s Credit Union Handbook, the Wellington IT User Group (WUG), via Grant Thornton, performs Due Diligence assessments on key components of the business; IT & Data Security, Governance, Finance, Risk Management, Data Protection and Business Continuity. The thorough assessment is designed to stress test the Wellington IT infrastructure providing Credit Unions with the assurance that there is full compliance with industry standards and best practices.