Data Management and Disaster Recovery For Financial Institutions


December 11, 2013

Today’s evolving data sources bring many challenges for businesses in all industries. However, banks in particular face significant challenges with the massive amounts of data coming from new forms of customer interaction, such as online, over the phone, and in writing. Banks must monitor and manage data while complying with regulations.

Banks generate and store more data than ever before, and require more powerful data management tools. No matter whether data needs to be processed and stored from a simple ATM withdrawal, or a complex merger with another institution, data must be managed securely.

In today’s rapidly evolving financial environment, with new and complex regulations, banks must be able to gather, utilize, protect, and recover their data immediately.  As a business owner or manager in the financial industry, it’s important to develop an approach for data protection and storage for long-term access.

Do you know the potential risks associated with data loss? They are vast, and include lost revenue, decreased customer confidence, reputational damage, and penalties and fines.

Data Retention Requirements For The Financial Industry

When working for a financial services organization, you’re required to comply with a variety of local, federal, and international laws that are designed to mandate the retention of certain types of data.  You should be aware of and consider the following laws:

  • Dodd-Frank Act

The Dodd-Frank Act was signed into federal law by President Barack Obama on July 21st, 2010, to modify the American financial regulatory environment. Under Dodd-Frank, financial institutions are required to maintain records for no less than five years.

  • Bank Secrecy Act

The Bank Secrecy Act (BSA) of 1970 requires financial institutions in the United States to assist U.S. government agencies with the detection and prevention of money laundering. All BSA records must be retained for a period of five years and must be stored in an accessible manner.

  • Payment Card Industry Data Security Standard

The Payment Card Industry Data Security Standard (PCI) applies to all organizations that handle cardholder information for debit, credit, ATM, e-purse, POS, and prepaid cards. PCI requires card issuers and holders to retain an audit trail history for a time period that’s consistent with its effective use, and legal regulations.

  • Sarbanes-Oxley Act

The Sarbanes-Oxley Act holds registered public accounting firms and financial institutions to a severe set of standards regarding data storage, access, and retrieval. Section 103 requires firms to prepare and maintain audit work papers for a period of over seven years.

The extensive requirements and concerns in the financial industry require comprehensive data management and protection methods. Does your financial institution have adequate data lifecycle management processes in place? What about a secure data backup and disaster recovery plan?

Integris can help you implement proper data management processes for your financial institution. We can also improve, or develop, and implement data backup and disaster recovery solutions to ensure data security and compliance with specific regulations.

To learn more about data management processes, or data backup and disaster recovery, give us a call at (888) 330-8808 or send us an email:

We're Integris. We're always working to empower people through technology.

Keep reading

Benefits of a NIST Cybersecurity Framework Risk Assessment

The National Institute of Standards and Technology (NIST) released the cybersecurity framework risk assessment in 2014. It is an impressive and detailed resource that allows a wide range of industries to better manage and understand their cybersecurity efforts. Many...

Information Technology Consulting Firms: Tips for Common IT Problems

When you run a business, you will run into standard information technology (IT) issues. Security breaches, broken technology, lost data, and forgotten login information will happen in only a matter of time – which is why it’s crucial to have information technology...