June 23, 2020

Immutable cloud storage for regulated technology

Written by Tyler Moore

Even though data immutability is not a new topic, it continues to be a key issue for capital markets and regulated technology.

In a prior blog post I pointed out that staying compliant involves not only accurate reporting, but also secure and immutable storage of data. Today we will explore the drivers within a regulated industry especially the financial sector. So what are some of the best practices and latest technologies that facilitate immutable storage in the cloud?

In the capital markets sector, it makes it all the more essential that regulatory technology currently being harnessed to ensure GDPR and MiFID II compliance is fully ready for that purpose. Amongst the most critical of those technologies are those designed to ensure the data at the heart of finance and investment operations can be logged, stored unchangeably and audited in perpetuity. These actions enable regulators to prevent the rogue trading, market abuse, manipulation and mis-selling that once dogged the sector. 

Immutable storage became a focus of companies in the Financial Services industry decades ago when the SEC Rule 17a-4 included the requirement that regulated electronically stored information (ESI) must be stored on a write-once-read-many media such as optical WORM media. The SEC language around the immutable storage requirement for “books and records” was specifically designed to ensure that electronic records are maintained in an unalterable form for the required retention period in order to be accurately reproduced for later reference. Furthermore it is vital that any transaction data is immutable, that is secure and unmodifiable by insiders, hackers or malware. 

Financial services and other regulated sectors have been forward thinking and even somewhat experimental with ways to keep data immutable, using new types of encryption and hashing schemes, as well as blockchain-based distributed ledgers for example.

Regardless of which technology is used, if you are supporting compliance and risk management, one key question to ask yourself is this: when a regulator demands it, how will you show them that investment, securities or trading data, say, has not being touched, changed or modified? How do you actually demonstrate immutability is in action in your front, middle and back office setups? 

One key way is to have certified, trusted components at the heart of a solution. Which is why we have been crafting best of breed digital security solutions that can provide that critical level of confidence.

When coupled with the RStorage Cloud offering and RWave data transit technology encrypting that data in transit, we enable companies to address the regulatory requirements securely and immutably, avoiding unnecessary risks.In this emerging space, we’ve learned that customers running their own blockchain-based, trusted, distributed ledgers across multiple regulatory jurisdictions also value secure, managed, cloud services in multiple data centers around the world. 

But immutable cloud storage should not be thought of as a check box exercise for the sake of compliance, you should also consider how it will help to fuel the growth of your business.

The combination of technologies such as blockchain with immutable cloud storage solutions, and the data trustworthiness they engender has the potential to fuel faster, more secure and lower cost transactions. Find out more about our RStor services for financial markets.

You may also like…