undefined | Better HN

0 pointsavianlyric7y ago0 comments

> as a financial institution you simply cannot have your IT system incompliant

This just isn’t true, or rather “compliance” tends to be quite fuzzy.

Regulators generally expect you follow recommendations from places like NIST. But it’s not a hard requirement, you just need to explain why deviating is better.

Unfortunately most fincial institutions trip up at the “explain why it’s better” bit. Either because they aren’t competent enough, or (more likely) can’t be bothered.

0 comments

zamadatix7y ago

If something was better for the entire industry one would think the compliance recommendations would be the topic of discussion, not explaining why it needed to be done differently individually.

j / k navigate · click thread line to collapse