Regulatory Compliance

Achieve compliance in the most regulated environments

The Challenge

Meet compliance requirements in all countries where you do business

Forms and Workflow

Regulations Vary and Are Constantly Evolving

Organizations struggle to remain compliant with evolving and differing regulations in all the countries and jurisdictions where they do business


Compliance Can Delay Solution Deployment

If not pre-configured for compliance with global and local regulations, fraud prevention solutions require re-configuration to satisfy varying requirements

Process Efficiency

Auditors Require Proof of Compliance

During audits, it can be a challenge to easily and quickly demonstrate that a compliant process was followed

Success Story

Learn how Raiffeisen achieved PSD2 compliance


Raiffeisen Italy is the umbrella organization for 40 entities of Raiffeisen Bank in Italy.


The bank faced two challenges: PSD2 compliance and a legacy authentication system that customers found difficult to use.


  • Achieved compliance with PSD2 requirements for Strong Customer Authentication (SCA) and protection of their mobile authenticator app
  • Used their compliance initiative to innovate and improve the mobile experience
  • Positive customer feedback and high adoption

The Solution

Customizable solutions paired with expert guidance

Mobile device with a thumbprint and a one-time password

Protect Sensitive Data with Strong Authentication

Safeguard customers’ accounts and data with multi factor authentication and Intelligent Adaptive Authentication

Risk Monitor

Address Requirements for Risk Monitoring

Address compliance requirements, such as PSD2, with real-time transaction monitoring powered by machine learning

A green line drawing of half of a brain alongside half of a circuit board

Fast-track Compliance with Pre-configured Rules

With pre-configured rule sets and predictive machine learning models, anti-fraud solutions accelerate compliance from day one


Protect against Mobile Threats

App shielding, protection against app cloning, and other mobile app security capabilities support PSD2 & FFIEC requirements


Capture Detailed Audit Trails

Digital audit trails make it easier to demonstrate compliance – especially for remote processes with consumers


Automate to Enforce a Consistent Process

For digital agreements and contracts, automation helps remove manual errors that introduce risk

Bank of Cyprus logo
Case Study

Enhancing customer experience with software authentication and PSD2-compliant dynamic linking

See how Bank of Cyprus deployed software authentication and transaction-specific one-time passcodes (OTP) to comply with PSD2.

Read More

PSD2 Compliance

The EU Payments Services Directive (PSD2) contains requirements related to Strong Customer Authentication (SCA). Financial institutions must comply with these requirements by September 2019. However, specific Payment Service Providers (PSPs) could qualify for an exceptional extension in the context of card payments for e-commerce according to a recent EBA Opinion.

The requirements include five compliance criteria:

  • Strong Authentication
  • Transaction Risk Analysis
  • Replication Protection
  • Dynamic Linking
  • Independent Elements
A series of rectangles floating in the air, connected by a thin line some of which have checkmarks on them. Closest to the viewer is a rectangle with the symbol of a monochrome white hammer and gavel

eSignature Legality Guide

Learn the facts about electronic signature laws and local regulations that govern digital identities and digital certificates for e-signatures among EU member states and around the world.

Read More

Protect Sensitive Data with Strong Authentication

The strongest MFA solutions use step-up authentication and risk-scoring analytics algorithms

Every week brings new reports of data breaches, many of which could have been prevented through multi factor authentication. 

Regulators are responding with more regulations. Adaptive methods and tools can help satisfy these requirements. MFA and adaptive authentication facilitate compliance with GDPR, PSD2, FFIEC, PCI DSS, and more, while also creating a convenient user experience. 

Analyst firm KuppingerCole recently named OneSpan a Market Leader in cloud-based MFA. According to the analyst firm, “the financial space should consider OneSpan for their adaptive authentication with advanced risk analytics and mobile app security requirements.”


Address Requirements for Risk Monitoring

Address compliance requirements with real-time monitoring of transaction risks

Meet PSD2 requirements by ensuring that transaction monitoring mechanisms take into account a number of risk-based factors, including:

  • A list of compromised data
  • Known fraud scenarios
  • Malware infection detection
  • Transaction amount
  • Device/software access 

Help Fast-track Compliance with Pre-configured Rules

Anti-fraud solutions with machine learning facilitate compliance out-of-the-box

A fraud detection and prevention tool should be able to detect fraud and ensure compliance right out-of-the-box. Pre-configured rule sets and predictive machine learning models tuned for specific applications, like mobile, online, and corporate banking, help accelerate compliance with local and industry regulations.

Protect against Mobile Threats

Help fulfill requirements for strong authentication and app security

Globally, regulators are introducing new security requirements to better protect mobile banking and mobile apps. Compliance can include a combination of advanced security measures such as:

  • Dynamic linking
  • Protection against app cloning
  • Strong customer authentication
  • App shielding 

OneSpan can help you implement risk-mitigating controls such as tokenization, encryption for storage and transmission of data, and anti-malware countermeasures.

Capture Detailed Audit Trails

Audit trails help prove compliant practices were followed

In online and mobile processes such as account opening, loans, mortgages, and e-disclosure delivery, capture a detailed record of exactly what the applicant saw and did as part of the process, including steps such as: 

What Customers Are Saying About Audit Trails

The OneSpan Sign audit trail capability is great. We like how there is an audit trail for each loan, and how each screen is recorded in the audit trail with the time stamp. Our compliance department was very satisfied when we viewed that with them.

Wright-patt credit union logo

Benjamin Miller

Commercial Portfolio Analyst

It was very important to have a technology partner with extensive PSD2 expertise. OneSpan was very aware of the legal aspects, as well as the aspects that had the potential to affect the customer.

Bank of Cyprus logo

Toula Efthymiadou

Head Business Solutions – Digital Service Channels

Automate to Enforce a Consistent Process

Strengthen compliance by automating digital agreements

Financial agreements and contracts can be digitized to improve customer experience and reduce the risks of a paper-based workflow. Manual processes result in errors such as missing signatures, which expose an organization to risk.

Through e-signature technology, OneSpan automates signing workflows and enforces business rules. This ensures documents are submitted without errors or omissions. 

More than half of the world’s top 100 global banks rely on OneSpan to help strengthen compliance

deutsche bank


US Bank

Leverage Our Expertise

OneSpan can help you achieve compliance while offering an exceptional and secure customer experience

The information on this site is for informational purposes only and does not constitute legal advice. We recommend that you seek independent professional advice. OneSpan does not accept liability for the contents of these materials.