Regulatory Compliance and Business Recovery

We are experienced in many aspects of Regulatory Compliance (PCI, HIPAA, GLBA, AML, OFAC, RESPA, HMDA, ERISA), Mergers & Acquisitions and Disaster/Business Recovery, and we have helped design and implement security policies and procedures in support of SAS70, SSAE 16, and SOC 1 & 2 standards.


For a large manufacturing and financial services company – Assumed management of projects covering disaster recovery and the remediation of MasterCard, Visa and PCI-Personalization compliance and audit issues. Responsible for implementing procedures to ensure regulatory compliance concerning privacy and security of cardholder data.

For a small business owner – Performed an evaluation and due diligence for the potential purchase of a “Right at Home” franchise territory. Assessed the strength of the franchise system’s intellectual property (service marks, trademarks, proprietary software, operations manuals). Reviewed the franchise agreement (FDD), including assignability of franchise, scope of license grants/reservation of rights, and territory conflict resolution. Performed competitive market analysis and review of existing competition.

For a national mortgage servicing company – Integrated loan servicing legislative enhancements supporting HAMP, HARP and loan modification regulations, e-Billing integration with customer portal, FNMA property management expense reporting and reimbursement and e-Property Management into legacy processing systems.

For a national TPA – Led the successful passing of General Computer Controls for the company’s first SAS70 and HIPAA audit compliance, including the development of security policies & procedures and development of the company’s disaster recovery plan and warm site capabilities. Managed the due diligence and technology integration activities for two mergers & acquisitions, culminating in the integration of the company’s various technology platforms, networks and processing systems.

For a large multi-regional bank – Provided project management and operational implementation expertise for the installation of IBM’s anti-money laundering (SearchSpace) system enabling regulatory compliance with OFAC and Bank Secrecy Act and AML rules.

For a regional dental claims processor – Took the company through successful passing of General Computer Controls for the company’s first SAS70 type-2 and HIPAA compliance audit, and developed the company’s security policies and procedures and disaster recovery plan.


For more information on Regulatory Compliance, see Wikipedia, the free encyclopedia