Your browser version is outdated. We recommend that you update your browser to the latest version.

OANDA Corporation

Anthony supported the company with various compliance initiatives over a number of years from Oct 2017 to June 2020.  Highlights of this assistance are:

- Identification, documentation and assessment of necessary controls for achieving a successful CSAE 3416 audit across business and IT oriented processes

- Developed a detailed business impact assessment (BIA) for all areas of the business, establishing priorities and action plans for development of DRPs and amendment of existing of BCPs

- Updated corporate and regional BCPs and coordinated the BCP testing plans at the various offices

- Evaluation of the FX trading system of controls for determining compliance to regulatory requirements, namely the National Futures Association (NFA) Compliance Rule 2-36(e) and supporting guidance in Interpretative Notice 9060.  In this evaluation, a detailed evaluation and examination of the trading engine's pricing, order allocation and settlement processes were performed.

- Conducted a comprehensive Threat Risk Assessment (TRA) to identify information security risks impacting business critical assets of the company.  High ranking threats and vulnerabilities were identified and were mapped to existing remediation activities or projects underway or recommendations were made on the particular threats/vulnerabilities.

- Conducted a Risk Management Program audit to report on compliance to the risk management requirements specified in NFA Compliance Rule 2-36 and Interpretive Notice 9069.

- Evaluated existing Information Security policies and procedures for adequacy and compliance to NFA regulatory requirements, specifically Interpretative Notices 2-9, 2-10, 2-36 and 2-49