Financial Crime World

Regulatory Supervision, Audit, and Inspection: A Guide for Financial Institutions in Chile

In Chile, financial institutions are subject to various regulations aimed at ensuring the integrity and stability of the financial system. One such regulation is RAN 20-7, which outlines the requirements for outsourcing services, data processing sites, and technological infrastructure. This article provides an overview of these regulations and how Amazon Web Services (AWS) can help financial institutions comply with them.

Access and Inspection Rights

RAN 20-7 requires financial institutions to ensure that cloud service providers grant permanent access to records, data, and information being processed, held, or generated through external providers. This can be achieved through visits conducted at the cloud service provider’s facilities or remotely. AWS offers its customers a contractual framework that helps them satisfy applicable contractual requirements under RAN 20-7.

  • Permanent access to records, data, and information
  • Visits to cloud service provider’s facilities or remote inspection

Data Localization

RAN 20-7 also provides that when financial institutions outsource services, data, technological services, and applications to be used in outsourced services, such data must be found on specific processing sites. In the case of foreign processing, the data must be located in a defined and known jurisdiction. AWS gives its customers the option to choose between several AWS Regions where their content and servers are located.

  • Data localization options: multiple AWS Regions
  • Compliance with RAN 20-7 requirements

Business Continuity

RAN 20-7 and RAN 20-9 outline the obligations, guidelines, operational, and technical requirements for financial institutions regarding business continuity management. These regulations emphasize the importance of having a Business Continuity Plan (BCP) that outlines the process to follow in case of an outage.

  • AWS has developed its own BCP
  • Three-phased approach: Activation and Notification Phase, Recovery Phase, and Reconstitution Phase

Disaster Recovery

AWS offers its customers disaster recovery (DR) architectures that enable faster disaster recovery of their critical IT systems without incurring the infrastructure expense of a second physical site. Financial institutions can learn more about how to architect disaster recovery in the AWS Cloud with the AWS Elastic Disaster Recovery (AWS DRS).

  • Faster disaster recovery
  • Cost-effective solution

Conclusion

In conclusion, RAN 20-7 and other regulations outline specific requirements for financial institutions regarding outsourcing services, data processing sites, technological infrastructure, business continuity management, and disaster recovery. AWS offers its customers a range of solutions that can help them comply with these regulations, including contractual frameworks, data localization options, BCPs, and DR architectures.

By leveraging the cloud-based solutions offered by AWS, financial institutions in Chile can ensure compliance with regulatory requirements while also benefiting from increased agility, scalability, and cost savings.