Compliance and Risk Monitoring and Management
- Enhanced Due Diligence with emphasis on latest regulatory and legal requirements within the payment processing industry.
- CMS certified and member of the Third-Party Payment Processing Association (TPPPA) with executive presence on Government Relations and Compliance Committees.
- Risk Management system built to deliver essential reporting on returns, limits and unusual activity for any bank or customer portfolio including transaction hold capability.
- Bank/partner/customer solution to allow for supervisory approval prior to transaction submission and or dual controls.
- Third-party vendor relationships for ongoing merchant monitoring, account validation, and extensive underwriting risk rating and monitoring programs.
Bank-Grade Regulatory Experience
iStream is subject to both regulatory and annual 3rd party audits, ensuring the integrity of processing for both clients and partners.
Some of these include the following – FFIEC Technology, SOC 1 Type 2 & Soc 2 Type 2 , ACH Third Party Payment Association, Compliance Management, CISA External Vulnerability Scans in addition to continuous scans of public facing resources within the cloud and on premise.
Business Continuity and Disaster Recovery
When it comes to the unexpected, advanced preparation on planning are key to successful navigation back to normal operations. iStream has implemented numerous contingencies and plans to ensure we deliver operational excellence continuously.
Some of these include the following:
- Relational database service implemented in a fully managed service offering >99.99%availability.
- Fault-tolerant, self-healing storage, and replicates six copies of the data across three availability zones.
- Co-location software and hardware capabilities for production operation is to be rolled to the cloud for disaster recovery purposes.
- Cloud vendor provides the resources necessary to launch the same production services running at multiple sites including hardware, software, and telecommunications access.