DCV Certifications and Ratings
ISO 27001 STANDARD CERTIFICATION
During the month of November 2019, DCV successfully achieved the ISO 27001 certification for Information Security. This is the principal international standard on this matter and seeks to protect and preserve the confidentiality, integrity and availability of information from a wide range of threats.
What DCV achieves with this certification is to ensure the integrity, reliability and availability of information; implement international standards associated with information security; develop an adequate security policy aligned with the business; and develop, adopt and promote measures to reduce the impact of a security incident.
TThe certification is valid for three years but considers reviews each year.
To see certificate click HERE (Spanish Only)
Quality Assessment Certification. Internal Audit.
During November 2017 DCV obtained certification of its internal audit process from the Institute of Internal Auditors of Spain, which is an entity authorized by the Global Institute of Internal Auditors (IIA Global), the world’s highest authority on the matter.
The Quality Assessment (QA) shows the commitment of DCV’s control and compliance management team in connection with the compliance with International Standards for the Professional Practice of Internal Auditing and to continuously improve its quality, professionalism and best practices.
This certification confirms that DCV is a company constantly searching for best practices and standards at a global level.
Thomas Murray A+
In 2014, DCV reengaged Thomas Murray services, a British company specializing in rating the risk of entities that form part of the capital markets’ infrastructure globally, with the purpose of performing an update of the rating carried out in 2011.
The assessment of the global risk performed that year has positioned DCV in a low-risk level by ratifying the A+ rating over the average risk of depositories in America, surpassed only by Brazil in Latin America, and by Canada and the United States in North America.
The measurement considered six risk dimensions and in this occasion, two new ones have been added: Asset Commitment Risk and Governance and Transparency Risk (G&T Risk). “Asset Commitment Risk” considers the risk involved by the time where the securities or the money are withheld until it is received by the counterparty. In turn, “Governance and Transparency Risk (G&T Risk)” reflects the risk of a participant incurring in loss on account of DCV not acting according to the laws or regulations, or not submitting complete or accurate information concerning its activities or the securities market activities.
These two new assessments have affected the global results of the Company, so maintaining the A+ rating obtained in 2011 has resulted in significant progress for DCV.
The assessment implies a global revision of DCV processes, projects and environment, including controlling entities and participants, who through interviews, provide information for the global assessment.
To view the report click HERE
Certification to ISO 22301
During September 2016, DCV successfully achieved certification with Worldwide recognized at a global leveltion in the ISO 22301:2012 standard “Corporate security – Business continuity management systems – Requirements”, held by the British Standards Institution (BSI).
ISO 22301 is an international standard for business continuity management which that identifies the foundations fundamentals, and establishes the process, principles and terminology of business continuity management. It provides a basis for the understanding, development and implementation of business continuity within your organization.
This certification confirms globally that DCV is a company, which besides its experience, is able to respond quickly and effectively when facing a threat of unexpected and potentially devastating interruption of its operations, protects its business and reputation, and preserves the interests of its stakeholders.
To see certificate click HERE (Spanish Only)
Certificate of Adoption and Implementation of the Crime Prevention Model
On april 14, 2020 after a continuous process of monitoring and testing, BH Compliance Limitada, has returned to certify that the Central Depository of Securities and DCV Registries have a Crime Prevention Model implemented according to the requirements dictated by the Law 20,393, in relation to its situation, size, turnover, income level and complexity.
The certification states that the crime prevention model adopted and implemented by the company has in all material respects the elements listed in the law, according to the specific needs of said company and that it is known to all the organization.
This certification gives directors a history of fulfilling their supervision duties for the CMF, shareholders and the Public Prosecutor, thus reducing the risk of sanctions, fines and public exposure.
For certified DCV click HERE (SPANISH ONLY)
For certified DCV Registros click HERE (SPANISH ONLY)
Certification to BS 25999
In October 2013 the DCV successfully completed the certification process in the BS 25999 awarded by BSI Group, one of the leading certification bodies in the world , validating DCV commitment to the implementation of international best practices in a process based on continuous improvement.
Business continuity is one of the strategic pillars of DCV , and under it , a Management System Business Continuity ( BCMS ) was designed under the British standard BS 25999 , which provides a plan of good management practices and preventive solutions to unexpected interruptions that could affect the operation of the company; as a loss of energy, severe weather conditions , epidemics or political instability .
This achievement is certainly a differentiator to CSDs and confirms that services are delivered to the market under the highest standards and measures to ensure its continuity.
About BSI Group
British Standards Institution (BSI Group) is the national standards body of the UK, recognized globally for its independence, integrity and innovation in the creation of standards that promote best practices in continuity. BSI Group provides independent certification of management systems , as well as provide the certification through training : www.bsigroup.com
Since 2009, DCV has presented this report, which is prepared, and evaluated by an external auditing company.
SSAE-18 is an independent report on the internal control structure of the organization that provides services to third parties, especially those that affect the internal control structure of the user organization.
DCV and DCVR issue a TYPE II report which certifies the controls put in place and the evidence on the operational effectiveness of these controls. The controls are tested for a specific period, not less than 11 months, with which it is possible to conclude with reasonable certainty if they have functioned or not during that period of time.
The benefits this report brings to DCV are:
- Provides an independent evaluation of the organization’s control procedures.
- Provides the organization a level of “reasonable certainty” of the integrity of the controls established in the different business processes and systems.
- Minimizes the number of audits on “internal controls” of the service organization requested by the different clients and auditing firms thereof.
- Identifies the more critical processes.
- Permits the demonstration of an adequate control environment and the seriousness of the organization.
- Permits being on the cutting edge of compliance with the international standards.
The processes evaluated in this report are, among others:
Custody and Withdrawal of securities, Administration of capital events, transfer of securities, customer service desk (MAC), Central registry of issuances, limit control, Collection of SADE remuneration, Agreements; International custody.
Stock transfer, stockholdings, securities management, management of issuers, Stock inquiries, Generation and payment of dividends, Payment to Firefighters, Corporate events, Preemptive offer.
(General coordination of information technologies) Organization and administration, Development and maintenance, Change control of infrastructure and applications, Physical access control and environmental controls, Logical access control, Operation and support.
In 2009 the Information Systems Audit and Control Association (ISACA) certifies DCV’s internal audit team, obtaining a CISA (Certified Information Systems Auditor) certification. This certification distinguishes the internal audit team as professionals with proven training in audit, control and information systems security, in conformity with standards and guidelines that are accepted worldwide, allowing us to make sure that the IT of the companies and the business systems are controlled, monitored and assessed properly and efficiently.
This certification is based on an international standard, accredited by the American National Standards Institute (ANSI) and approved by the Department of Defense of the United States (DoD) in the category of Technical Information Assurance (DoD 8570.01-M).
During 2016, internal audit staff (3) obtained the certification to evaluate with respect to this standard that provides the generic principles and guidelines on risk management.