© nyse blue. all rights reserved. nyse blue security concerns for offset registries july 26, 2011
TRANSCRIPT
![Page 1: © NYSE Blue. All Rights Reserved. NYSE Blue Security Concerns for Offset Registries July 26, 2011](https://reader035.vdocuments.mx/reader035/viewer/2022062518/56649e985503460f94b9b9f4/html5/thumbnails/1.jpg)
© NYSE Blue. All Rights Reserved.
NYSE Blue Security Concerns for Offset Registries
July 26, 2011
![Page 2: © NYSE Blue. All Rights Reserved. NYSE Blue Security Concerns for Offset Registries July 26, 2011](https://reader035.vdocuments.mx/reader035/viewer/2022062518/56649e985503460f94b9b9f4/html5/thumbnails/2.jpg)
Security Framework for an Offset Program
Registry Technology
Know Your Client Procedures
Program Legal & Operational Rules
Training on User Best Practices
![Page 3: © NYSE Blue. All Rights Reserved. NYSE Blue Security Concerns for Offset Registries July 26, 2011](https://reader035.vdocuments.mx/reader035/viewer/2022062518/56649e985503460f94b9b9f4/html5/thumbnails/3.jpg)
Registry Technology
Encrypted connection (HTTPS)
Disable user ID upon 3 incorrect logins
Ongoing vulnerability testing for registry
Later this year, introduction of two-factor authentication
![Page 4: © NYSE Blue. All Rights Reserved. NYSE Blue Security Concerns for Offset Registries July 26, 2011](https://reader035.vdocuments.mx/reader035/viewer/2022062518/56649e985503460f94b9b9f4/html5/thumbnails/4.jpg)
Know Your Client Procedures
Identify clients and ascertain relevant information about their businesses
• Request copies of documents confirming identity of legal entity organization documents, memorandum of incorporation, bank accounts, utility bills
• Become familiar with the principals and ask for identification documents such as drivers license, passports, and birth certificates
• Review marketing materials and business plan
Perform OFAC / AML checks to ensure entities not found on Terrorist Watch lists.
Monitor activity to ensure it matches the company profile
![Page 5: © NYSE Blue. All Rights Reserved. NYSE Blue Security Concerns for Offset Registries July 26, 2011](https://reader035.vdocuments.mx/reader035/viewer/2022062518/56649e985503460f94b9b9f4/html5/thumbnails/5.jpg)
Program Legal & Operational Rules
• Omnibus accounts– Only a regulated entity can maintain an omnibus account (and these regulated
entities must show proof of proper KYC procedures)– Certain unregulated entities can be given the ability to maintain omnibus
accounts
• Retirement of credits in omnibus accounts– Retirement of greater than 99 credits on behalf of a client must be done in an
specific client sub-account– Retirement of greater than 99k credits on behalf of a client must be made public
![Page 6: © NYSE Blue. All Rights Reserved. NYSE Blue Security Concerns for Offset Registries July 26, 2011](https://reader035.vdocuments.mx/reader035/viewer/2022062518/56649e985503460f94b9b9f4/html5/thumbnails/6.jpg)
Registry User Best Practices
Use latest anti-virus protection programs
Update contact information for users/logins to their account
Users should not access The Reserve from public locations where others could capture their confidential information.
Diligent monitoring of account activity
Perform weekly/monthly account reviews to ensure data is correct
Users should pay close attention to the registry notifications for transfer confirmations.
![Page 7: © NYSE Blue. All Rights Reserved. NYSE Blue Security Concerns for Offset Registries July 26, 2011](https://reader035.vdocuments.mx/reader035/viewer/2022062518/56649e985503460f94b9b9f4/html5/thumbnails/7.jpg)