Data Privacy breach preparedness & response
Themis provides ongoing consultation services under a set-fee 3-, 6- or 12-month renewable contract. For a set monthly fee, Themis will be available to advise you on compliance matters and will include, for a reduced hourly fee, ongoing compliance reviews to risk-assess your company’s compliance with its operational procedures.
By understanding the following, we can assist your company in mitigating the risks associated with your existing company processes and identify potential gaps or failures in compliance with US and EU laws:
What types of personal data your company obtains, retains, and/or processes
How does your company process and transfer data (data workflow)
What procedures do you currently have in place to protect your confidential and sensitive data
What legal and regulatory issues specifically apply to your company/industry
How does your company prevent, respond to and handle incidents of data privacy breach
What is your company’s risk assessment methodology and what procedures do you have in place to identify and mitigate risks for existing systems, services, products and processes
What procedures do you have in place for identifying and handling risks associated with new products, services and/or geographical locations
CORPORATE GOVERNANCE, OPERATIONS, POLICIES, PROCEDURES & SYSTEMS
Regulatory and Compliance Workflow Processes
The focus of your company should be on customer service. Themis provides services that allow you to get back to the business of business.
Themis develops, reviews, and enhances your end-to-end workflow operational systems and processes, assisting your company in boosting productivity, efficiency, and service levels. As needed on a project-by-project basis or on an ongoing set-fee 3-, 6- or 12-month renewable contract, Themis provides advice on workflow management and the development or revision of policies and procedures relating to the following:
Employment - application, hiring, training, investigation, review, termination, post-employment matters
Contract Management System - customer and vendor (third party contract management) onboarding due diligence reviews, annual contract term and SOW compliance reviews
Financial Services Compliance Systems - BSA/AML/CFT, OFAC, CIP/KYC, CRA, customer complaints, FDCPA, FCRA/FACTA (Red Flags), UDAP/UDAAP, GLBA/Privacy, ECOA/Fair Lending, Reg O, Reg W, and more
Lending Processes - application, denial, underwriting, servicing, payment, collection, enforcement against collateral, release of liens/settlement
Retail Banking Facilities & Equipment Management Processes - licensing, branch/location opening, relocating, closing, leasing, purchase or sale, insuring, security
Legal & Claims Management System - complaints (intake and monitoring), garnishments, investigations, subpoenas & discovery, insurance claims, settlements, bankruptcies
Data Privacy Process Systems - website contacts & notices, opt-out & other disclosures, reporting and regulatory notification of incidents
Enterprise risk management
Themis provides ongoing consultation services relating to your risk management system, including assisting your company with the development and/or enhancement of the risk assessment tools and reporting. Operational or enterprise risk management ("ERM") looks at the entire company and all of its internal and external influences to determine what the risks to the company are and how to mitigate them through controls (policies, procedures, processes), including identification, assessment, monitoring, measuring, and response processes to risk within the entire company:
What are your company's identified risks and unidentified risks?
What are your internal critical controls for those risks within each operation of your company (by department, product, service, workstation) and are they identified?
What is the audit system or process you use to measure, monitor, report and communicate those risks at every level from the front line to the Board or Executive Management team and back to the front line?
Themis will help you identify and address the following categories of risk that impact your company:
Physical Hazards (earthquakes, floods, etc.) that affect the physical assets of the company (facilities, infrastructure, etc.);
Systems Failures (power, software, etc.);
Legal and Compliance Operational Risks (noncompliance with regulations or lawsuits, recalls, etc.) resulting in fines, sanctions or closure of business;
Illegal or Criminal activity (theft, terrorism, fraud, etc.); and
Human (employee errors, lack of skilled or experienced labor pool, etc.)