RISK AND SECURITY
EFS is committed to providing start-of-the art comprehensive risk and security management and tools to ensure your payment processing is safe, secure, and confidently supporting your daily operations.
To meet industry payment compliance, you must select a solution provider with the highest degree of security and soundness when providing electronic payment services to your community.
- We meet and exceed industry standards and maintain close monitoring of industry changes.
- Our data center and customer relations staff understand compliance, regulations, and regulatory requirements.
- We understand regulations like the Gramm-Leach-Bliley act and integrate regulatory requirements into our daily operations.
- We provide the highest level of state-of-the-art compliance, security, and support.
- Our secure data center is certified each year to be a Level I PCI/DSS compliant service provider, the highest available rating in the industry.
- A comprehensive FFIEC audit is conducted on a regular basis by government regulators.
- In addition to required internal audit responsibilities, our data center undergoes annual third-party audits such as the SSAE-16 SOC1 Type II audit, IT Security audit, Risk Assessment audit and Financial audit, to name a few.
- EFS performs annual reviews of NACHA rule changes, financial regulatory changes, and other areas in order to meet compliance requirements.
- We support your audit, compliance, and reporting needs.
- Financial institution’s clients receive all third-party and internal audits annually, allowing the institution to fulfill its regulatory compliance requirements.
Processing ACH payments, accepting check images, audit reporting and other functions related to a comprehensive electronic payment program brings a certain amount of managed risk.
- Our data center and payment network has undergone a series of Risk Assessment reviews; however, we don’t stop there. Our Risk Assessment and Project Review and Approve Committees continually review and analyze risk exposure and risk impact and develop risk controls and risk monitoring solutions.
- Risk policies and procedures are recommended and reviewed by the Risk Assessment Committee, with oversight from the board of directors.
- Third-party risk assessment and IT security auditing firms perform annual reviews of the company’s payment network to ensure risk threats have been analyzed and sufficient risk controls have been established.
- Risk limits have been established to limit transaction exposure, including per-transaction, per-batch, per-file, per-day, 48-hour, 10-day, 30-day, 60-day and more.
- By implementing multi-level system access, dual posting authentication, automatic batch suspension, duplicate batch warning, duplicate check notice, real-time notification and many more controls, reducing risk exposure is easy.
- You are in control. You may restrict any system feature that can be used by your customer.