Category Archives: Corporate

Turning Data Silos into Unified Systems with Customer 360 Platform

Customer 360 Platform has gained traction across the Salesforce ecosystem as a practical way to unify how teams access and use customer data. It promises better alignment between departments, faster insights, and a cleaner operational workflow. For many organizations, it opens the door to solving problems that have long existed in silos: mismatched records, fragmented support experiences, and inconsistent communication.

But to make that happen, organizations need more than tools. They need clarity, structure, and the ability to align their systems and teams around shared priorities.

Let’s dive into what Customer 360 looks like beyond the surface—how it works in real implementations, the challenges it brings, and what we’ve learned from putting it into practice.

customer 360 platform

What Customer 360 Is (and Isn’t)

Customer 360 isn’t a single product. Instead, it’s an approach to connecting Salesforce’s various clouds—Sales, Service, Marketing, Commerce, and more, around a unified customer profile.

This unified view is made possible through:

  • Shared identity management (Customer 360 ID)
  • Integrated data platforms, including Salesforce Data Cloud
  • APIs and event frameworks for data synchronization

The goal is to allow teams to work from the same set of data, no matter what system they’re in. But to get there, you need to actively manage data consistency, resolve identity mismatches and connect platforms in a thoughtful, organized way. In practice, Data Cloud not only centralizes your data but also unlocks analytics, segmentation and AI-powered insights across every Salesforce Cloud.

What Happens When You Go Live

Once you start building out Customer 360 in production, several common realities set in:

1. Identity Resolution Takes Work

It’s rare for companies to have clean, consistent customer records across all systems. Different platforms may store different fields, use different naming conventions, or have duplicated data.

Building unified profiles often involves:

  • Matching and merging customer records
  • Standardizing key fields like names and email addresses
  • Creating rules for which systems are the source of truth

At Oktana, we often help organizations use Salesforce Data Cloud, MuleSoft, or even custom logic in Apex to bring these records together.

2. Real-Time Feels More Like Near-Time

Although Customer 360 aims to support real-time experiences, most integrations operate on slight delays. For example:

  • APIs may introduce several seconds of latency
  • Downstream systems may batch data updates
  • Event-driven architectures depend on the speed of subscribers

For teams using Customer 360 to personalize experiences or power support workflows, it’s important to set the right expectations about what’s actually happening live and where there may be a slight delay.

3. Data Governance Becomes a Priority

Bringing together multiple systems means agreeing on rules around who can access, update, or override certain information.

A successful Customer 360 setup usually includes:

  • Role-based access control
  • Clear data ownership policies
  • Logging and change tracking
  • Compliance support (GDPR, HIPAA, etc.)

These features don’t appear automatically, they need to be defined and implemented as part of your system design.

4. Cross-Cloud Connections Require Custom Solutions

While the Salesforce ecosystem is increasingly connected, Sales Cloud doesn’t automatically inform Marketing Cloud, and Service Cloud doesn’t always update Commerce Cloud. Making those connections work depends on your use cases.

For example:

  • A new support case might need to pause a marketing campaign
  • A returned order might need to update a customer profile in Service Cloud

These actions require integration work. At Oktana, we often build custom solutions using Platform Events, External Services, or integrations via MuleSoft.

Tips Before You Start

Here are a few key steps we suggest before launching any Customer 360 effort:

  1. Audit Your Data

    • Where does customer data live today?
    • Are there duplicates or conflicts between systems?

  2. Define Use Cases Early

    • Are you improving support response time?
    • Creating better marketing segments?
    • Reducing order errors?

  3. Roll Out in Phases

    • Start with a small, meaningful use case
    • Add complexity as you gain clarity and internal momentum

  4. Make Time for Identity Work

    • Profile resolution takes longer than expected
    • Plan for testing, feedback, and refinement

  5. Work with Teams Who’ve Done It

    • Experience helps avoid dead ends and rework
customer 360 platform

How Oktana Helps Teams Build with Customer 360

We’ve spent over a decade building custom Salesforce solutions, from core CRM setups to connected apps across Marketing Cloud, Commerce Cloud, and more. Our Customer 360 work builds on that foundation.

Our approach includes:
  • Designing data models that fit your business, not just the tools
  • Building integrations using MuleSoft, Platform Events, and Apex
  • Setting up dashboards and analytics in Tableau or Salesforce reports
  • Supporting adoption through user training and technical documentation

We also understand that every organization has different systems, goals, and constraints. That’s why we don’t approach Customer 360 with a one-size-fits-all mindset.

It’s a Platform, Not a Shortcut

Customer 360 offers real value, but it’s not a shortcut. It’s a framework for building a shared view of your customers across the organization. That requires careful planning, flexible architecture, and the right team to implement it.

If your organization is already working inside the Salesforce ecosystem and thinking about how to connect the dots, we’re happy to help. Get in touch with us.

Oktana achieves SOC 2 type 2 Certification for 2025

At Oktana, trust is more than a word —it’s the foundation of our relationships with customers, employees, and partners. We are proud to announce our renewal of the SOC 2 Type 2 certification for 2025, underscoring our ongoing commitment to protecting sensitive data and maintaining the highest standards of security, availability, confidentiality, and privacy.

SOC 2 TYPE 2 CERTIFICATION

What does this certification mean for our customers?

SOC 2 Type 2 certification assures that Oktana operates under robust security controls verified by independent auditors over a sustained period. For our customers, this means:

  • Confidence in Data Handling: Your data is managed with rigorous safeguards, ensuring it remains secure and confidential.
  • Mitigated Risks: Our controls reduce the likelihood of data breaches, service disruptions, or other potential threats.
  • Compliance Alignment: Our certification simplifies your compliance efforts by ensuring our operations meet industry-recognized standards.
  • Transparent Operations: External audits validate our commitment to transparency and accountability.

Achieving and maintaining this certification requires robust measures across all areas of our organization, including:

  1. Enhanced Security Frameworks: Implementing advanced tools and processes to safeguard data against evolving threats.
  2. Employee Training: Company-wide education on security protocols and best practices.
  3. Incident Response Planning: A structured approach to quickly identify, contain, and address security incidents.
  4. Continuous Monitoring: Regular reviews and updates to our processes to adapt to emerging challenges.

While certifications like SOC 2 Type 2 often focus on IT and security teams, at Oktana, information security is everyone’s responsibility. Every team member contributes to ensuring a safe and reliable environment for our customers, from developers to marketing.

This collective effort includes monitoring processes, adhering to security protocols, and promoting a culture of trust and accountability across the organization.

SOC 2 Type 2 isn’t just about compliance—it’s about trust. For Oktana, trust means:

  • Reliable Data Management: Ensuring that your sensitive information is handled responsibly and securely.
  • Operational Transparency: Giving you confidence in our ability to meet your expectations.
  • Strong Partnerships: Building relationships based on integrity, reliability, and mutual respect.

SOC 2 Type 2 is not a one-time achievement. It requires annual audits and ongoing improvement of our systems, processes, and controls. This continuous cycle ensures that we stay ahead of potential threats and consistently deliver secure services to our customers.

 

By achieving this certification for 2025, Oktana reaffirms its role as a trusted partner in technology. If you have any questions about how our SOC 2 Type 2 certification benefits you, feel free to reach out—we’re here to support your success.

Guide for Protecting Customer Data with Responsible AI Use

At Oktana, we fully understand both the opportunities and challenges presented by the rise of artificial intelligence (AI) in the tech industry. As a global software development company with over 200 developers across seven offices, we are committed to sustaining a responsible AI use throughout our working structure. This commitment is essential not only to drive innovation but also to safeguard our customers’ data and maintain trust.

Ethical Guidelines for Protecting Customers Data with Responsible AI

What’s Happening with AI?

As AI becomes more prevalent, it’s crucial to understand the associated risks. Publicly available AI tools may seem convenient, but using them without caution can compromise sensitive data. Once data is input into these systems, it becomes part of the AI’s learning process, potentially violating confidentiality agreements and legal standards.

At Oktana, we enforce strict policies to ensure customer data remains private and secure.

Do’s and Don’ts for Responsible AI Use at Oktana

Do’s:

  • Integrity in Use: Be transparent about how AI contributed to your work.
  • Clear Objectives: Define clear objectives for AI use and maintain documented oversight.
  • Safe AI Use Cases: AI can be helpful for non-sensitive tasks like writing email templates, performing small translations, or checking grammar.
  • General Questions Only: When using AI, ask general questions without including any Personally Identifiable Information (PII) from customers or our teammates at Oktana.
  • Account Manager Approval: Always consult the project’s Account Manager before using AI in any development process to ensure customer approval.

Don’ts:

  • No Personal Information: Never input or use any individual’s personal information in an AI tool.
  • No Customer Data: Do not paste customer data—such as proprietary code, internal organization details, or any sensitive information—into AI systems.
  • No Shortcuts with AI: Don’t use AI as a shortcut for tasks that require thoughtful problem-solving or customer-specific insights. AI should assist in routine tasks, not replace critical, customer-facing decision-making processes.
  • No Assumptions: Don’t assume AI systems will always get things right. Always verify AI-generated results to ensure accuracy and alignment with project goals.

“AI is here to handle the routine, giving us the freedom to tap into what makes us uniquely human—our creativity, empathy, and intuition. By taking care of tasks that follow set patterns, AI allows us to explore our true potential, focusing on areas where only human capabilities shine. This is our opportunity to push the boundaries of what we can achieve, with AI handling the rest.”

Silvana D., Trainer at Oktana

Responsible AI Development and Deployment

At Oktana, we align with Salesforce’s Trusted AI Principles to ensure our AI development and deployment are safe, accurate, and ethical. Our customers can trust that our AI-driven solutions always meet the highest security standards.

Salesforce’s AI Principles include:

  • Transparency in AI use
  • Upholding data privacy
  • Ensuring fairness and accuracy in AI outcomes
  • Prioritizing the security of AI systems

Building an AI-Responsible Culture at Oktana

As AI continues to evolve, we are committed to equipping our team with the knowledge and tools they need to use AI responsibly. This is why AI upskilling has become a core part of our training program.

When we saw growing demand for AI solutions from our customers, we didn’t just implement best practices—we embedded responsible AI use into our Annual Compliance Training and expanded our upskilling programs to reflect the latest AI trends. Our team’s impressive median score of 19 out of 20 demonstrates their dedication to mastering these concepts.

We provide ongoing education on AI ethics, best practices, and new regulations, ensuring our teams remain at the forefront of responsible AI development. Our AI Ethics Training covers everything from technical best practices to the impacts of AI, ensuring our team understands not only how to use AI, but why ethical use matters.

This continuous training initiative ensures our team is prepared to navigate the complexities of AI, maintain customer trust, and safeguard sensitive data while delivering innovative solutions.

Additionally, we encourage our team to pursue AI certifications, such as Salesforce AI Associate and Salesforce AI Specialist. To date, 41 team members have earned Salesforce AI certifications, with more in progress.

Conclusion

We believe responsible AI use is the key to unlocking its full potential. By adhering to stringent policies, providing continuous training, and aligning with trusted frameworks like Salesforce’s AI Principles, we ensure that our AI-driven solutions are secure, accurate, and ethical.

As AI handles routine tasks, it allows our developers to focus on what they do best—delivering innovative solutions that prioritize creativity, empathy, and human insight. With AI managing the routine, Oktana is ready to push the boundaries of what we can achieve together.

Interested in working with us? Contact us or check our careers page.

Embracing Responsibility: Oktana’s Commitment to CSR

At Oktana, we’ve built our Corporate Social Responsibility (CSR) initiatives to reflect our dedication to diversity, environmental sustainability, and community engagement. As a leading software development company, we understand our responsibility to drive positive change and are committed to making a significant impact through our efforts.

In today’s landscape, CSR is not just a choice—it’s essential. We have made it our mission to integrate CSR into the pillars of our company, ensuring that our progress benefits not only our customers and employees, but also society and the environment. This article highlights the recent updates we’ve made to our CSR page and our vision for a more responsible and sustainable future.

Driving diversity and inclusion

Diversity and inclusion are core to Oktana’s identity. With a team predominantly based in Latin America, we are committed to creating an inclusive workplace that mirrors the rich diversity of the Americas. 

Our focus on Equal Opportunity Employment and our initiatives to increase female representation in the tech industry demonstrates our commitment to building a workforce where everyone has the opportunity to thrive. Currently, 24% of our technical team are women, and 38% of senior team members are women. We are continuously working to improve this percentage to align with industry standards and foster more opportunities for women in tech.

Committing to environmental sustainability

Environmental conservation is a priority at Oktana. We have implemented various strategies to minimize our environmental footprint, such as eliminating single-use plastics in our offices and encouraging sustainable practices among our employees. 

Our goal to reduce greenhouse gas emissions by 20% by 2030 and our partnership with One Tree Planted, as part of 1t.org’s mission to plant 5,000 trees, demonstrate our commitment to preserving the environment for future generations.

Encouraging community engagement

Giving back to the community is a vital part of Oktana’s CSR strategy. We support a range of volunteer initiatives, empowering our employees to engage with causes they are passionate about from teaching kids to code, to 3D-printing PPE for healthcare workers during the pandemic.

Our involvement in the Pledge 1% initiative further reinforces our commitment to making a meaningful impact beyond our workplace.

Proud of our progress, excited for the future

We are proud of the efforts we have made in our CSR journey, but we recognize there is always more to be done. As we continue to grow, we are dedicated to expanding our initiatives and leading by example within the industry. By prioritizing social responsibility, we believe we can drive positive change both within Oktana and in the wider world.

We are also committed to improving how we calculate and monitor our carbon emissions, ensuring our environmental efforts are as impactful as possible. This includes expanding our sustainability measures and working toward better reporting and accountability for our environmental footprint.

To learn more about our ongoing efforts, visit our Social Responsibility page.

Salesforce Summit Partner, 3 Years Running!

As a Salesforce consulting partner, we’re proud to have earned Summit tier for the third year in a row. 

Summit is the highest tier in the Salesforce Partner Program, previously branded as Platinum. Achieving Summit is no small feat and represents a high level of dedication and expertise across the Salesforce platform.

As an organization, we focus heavily on providing customers with Salesforce optimization and Salesforce staff augmentation, which is different from many other Summit partners that may strictly focus on initial implementations. Our work often includes implementing add-on products or complex integrations, but always includes optimizing the Salesforce products our customers have already invested in to run their business.

Less than 10% of all Salesforce consulting partners achieve Summit tier based on a genuine track record of delivering results and expertise. For us, earning Summit tier each year means a determined commitment across the organization on delivery and training.

In 2023 our team:

  • Earned 352 new Salesforce certifications
  • Completed 43 distinct Salesforce projects
  • Averaged 4.8/5 CSAT across those projects
 

Our Earned Partner Navigator Badges


Based in part on this, expertise is rated in the form of Partner Navigators. We’ve spoken to customers who believe these are paid badges, so it’s worth sharing that they are not – they are based on some of the above criteria and accurately represent our strengths.

For example, our Expert-level Partner Navigators speak to our experience in custom development on the platform and the fact that we’ve built 100+ community portals over the past decade. Managed Services, in the form of staff augmentation, has resulted in customer relationships averaging  4+ years.

Expert level

  1. Customer 360 Platform
  2. Experience Cloud 
  3. Managed Services

For the below Levels, while we didn’t heavily focus on certain aspects like PDO/AppExchange during the evaluation period, our expertise shines in other areas that qualify us for Expert-level distinction.

Level II Specialist

  1. Sales Cloud
  2. Service Cloud

Level I Specialist

  1. Einstein
  2. Industry Products
  3. MuleSoft
  4. Multi-Cloud Integration
  5. PDO/AppExchange

At the heart of our approach lies an unwavering commitment to our client’s success. We understand that every business is unique. From optimizing existing Salesforce systems to providing expert staff augmentation, our focus is on delivering tangible value that drives growth and efficiency. By partnering with us, businesses can trust in our dedication to their success and the transformative impact we bring to their operations.

Contact us today to learn how we can optimize your Salesforce ecosystem and propel your business forward.

 

Oktana Team
[email protected]

 

Tactical Performance Augmentation

The Great Problem in Software Development

The term “Staff Augmentation” was first coined by Gartner, Inc. in 1988. When I started in the IT staff augmentation services industry a few years ago while I was at FullStack Labs, I realized a lot has changed since then. Recently having joined Oktana, this is compounded by the need for talent with skills across both fullstack and Salesforce technologies.

Despite many options available for people to learn to code, including online training and internships, demand has outpaced supply for several decades. There are endless commentaries on the subject, but a 2022 Korn Ferry study cited, “In tech alone, the US could lose out on $162 billion worth of revenues annually unless it finds more high-tech workers.” That’s alarming.

Not only are organizations missing out on revenue but also opportunities to innovate. According to Gartner, “IT executives see the talent shortage as the most significant adoption barrier to 64% of emerging technologies, compared with just 4% in 2020, according to a new survey from Gartner, Inc. A lack of talent availability was cited far more often than other barriers this year, such as implementation cost (29%) or security risk (7%).”

Gartner also shared that the pace of employee turnover is forecast to be 50–75% higher than companies have experienced previously, and the issue is compounded by it taking 18% longer to fill roles today than pre-pandemic.

Obviously, the need for IT staff augmentation has only increased, but traditional solutions may not be good enough for modern challenges.

Traditional Solutions

Due to the everpresent demand that has outstripped supply, organizations across all industries have attempted to find and provide solutions to fill this gap in supply and demand offshore, nearshore and onshore. In the IT sector, these solutions typically cover:

Modern Challenges

These traditional models do provide a modicum of success but, for a number of reasons, there are typically additional challenges – both tactical and performance-related – with these models and many of the vendors that employ these models.

 

Time Zones

There are bountiful offshore resources throughout Asia or Eastern Europe which, if you’re based in the U.S., unfortunately do not provide natural overlap with your team’s working hours. This is a massive issue for productivity as it creates a collaboration barrier that does not support real-time context, problem solving or efficient planning. Even when resources commit to U.S. working hours, this inevitably leads to a day-to-day imbalance in energy and motivation across your team.

 

Language & Culture

Both language and culture have the potential to create communication issues. Many offshore resources either don’t speak English or don’t speak English well enough to communicate efficiently with U.S. clients which results in time loss as gaps in communication around the basics are the concentration rather than the work itself. Cultural norms also differ across the globe and can impact a team’s sense of urgency and willingness to share the true status of your project.

 

Trust

With vendors across the globe, it’s increasingly difficult to find a vendor with the same level of compliance and governance standards as your organization.

 

Length of Service Contracts

Many consultancies require a minimum contract term of 12-18 months or longer. It is hard for you to anticipate your future team size and skill needs up to 18 months in advance, so often clients will over-deploy contract resources. This usually results in excess capital expense and wasted time finding work to “keep the team busy” towards the end of the engagement.

 

Low Initial Visibility

Many vendors require clients to evaluate each candidate based on lengthy CVs and sometimes conduct their own technical interviews. This requires extra time to figure out how to evaluate contracted resources that have already been evaluated by the vendor which results in wasted productivity by your engineering leadership team. The main issue is a lack of consumable content to confirm the team member has the skills to deliver the project and a personality that will mesh well with the culture of your team. This results in a very slow onboarding process, akin to internal hiring when it should, in fact, be simple and much faster.

 

Attrition

High turnover is a big problem when resources feel “left on an island”, increasingly isolated from their consultancy over time, which impacts performance. While not part of their client’s org, and feeling separated from their consultancy, they often leave for a new organization as they are typically unable, contractually, to be hired directly by you.

 

Lack of Career Development

A cause of attrition, frequently vendors lack the infrastructure or incentive to invest in the career development of resources already placed on projects which puts the burden of training and career coaching on you, or leaves the individual team member to guide their path, which impacts overall performance.

What is Tactical Performance Augmentation?

When we realized the common problems above, and saw the challenges the market faces, we thought “What if we could leverage our current way of working to solve all of those problems with a new service product that is leaps and bounds ahead of anything offered by another firm?” Thus, Tactical Performance Augmentation (TPA) was born.

This new model addresses many of the market frustrations currently faced in IT staff augmentation such as slow provisioning of resources, lack of transparency in billing and inflexible length-of-service contracts.

Tactical

Tactical Performance Augmentation allows you to build very specific and focused teams with exactly the right number of people with the right skills. This is the “Tactical” part of TPA and provides maximum flexibility to deliver exactly what you need, when you need it.

Using the TPA model, you structure your team with the combination of developers, quality engineers, scrum masters, UI/UX designers you need at a given time. As your needs change, you can reduce, adjust or increase those resources. 

The best piece of the tactical component is that this is done without the pressure or limitations of a length-of-service contract but instead on a month-to-month basis. You only pay for the team for the exact amount of time you need the team. 

Performance

When we evaluated the market, one of the biggest concerns across IT organizations was the lack of a performance-based offerings by vendors. There was no way for you to measure the ROI of a vendor’s resources on your project, or their efficacy of one vendor against another vendor in your portfolio.

We realized the ability to provide a true Time & Materials cost model is a necessary component in providing performance-based IT staff augmentation. It’s on the vendor to keep performing to earn your business.

That’s the “Performance” component of Tactical Performance Augmentation. Either a vendor delivers on your project, and makes it easy to work with them, or they don’t.

Why Oktana?

Solve Your IT Staff Augmentation Challenges

Oktana has provided tactical team augmentation services to customers for many years, with very high satisfaction scores and positive feedback due to a performance-based model. 

Historically, this augmentation model was utilized after large-scale project delivery engagements. Through Oktana, we have opened access to Tactical Performance Augmentation, our highly transformative approach to staff augmentation, to new customers.

Tactical

The most important aspect of the tactical component of TPA is flexibility. Oktana has always been flexible, working with each customer to help find the perfect team composition based on the work they need to get done. 

We can also address many of the other more tactical challenges companies face when hiring vendors to provide IT staff augmentation services.

Time Zones

We provide nearshore and onshore resources. With locations throughout the Americas, we provide resources with a generous overlap across shared time zones.

Language & Culture 

Our team speaks English, whether native or in addition to Spanish. Though each country has its own unique culture, many of the cultural norms throughout the Americas are shared, or complementary, which makes working as one team a smooth, and fun, experience.

Trust

With onshore resources in addition to nearshore resources and SOC 2 certification, Oktana is a natural fit for organizations with high compliance and governance standards. Our compliance program.

 

Transparent Team Visibility

We provide our customers with transparent Team Transparency Profiles to introduce you to the team we have selected for your project based on their skills, experience, and interest. You will get to know your team as one team and meet them to ensure they are the right fit for your team.

 

Month-to-Month Contracts

We know your needs change. Again, this goes back to flexibility. Set the end date in advance, or simply give us 45 days notice when you want to roll one resource, or the whole team, down.


Performance

We earn your business. We have always provided our customers with a true Time & Materials cost model, meaning, if a resource works 7 hours and 45 minutes on a given day, then that is what we bill you.

This enables you to see how many hours of work got done at the end of a sprint, epic or month, versus how much we invoiced you for that resource, to more accurately calculate velocity. We call it the “Performance-to-Spend ROI”. If you’re not happy with that ROI metric, simply give notice that you would like to transition a specific team member off your project.

It’s on us as a vendor to keep performing to earn your business. We give you the model, tools and process to measure our efficacy against other vendors in your portfolio – or against your own team – to make sure that it makes sense to continue to pay for our service.

Just as we addressed many of the additional tactical challenges, we want to also address some of the additional performance-based issues we know companies face when hiring vendors to provide IT staff augmentation services.

 

Retention

To minimize any of our team members feeling they are on an island, isolated, we build your team in such a way that they will have the support they need. We encourage our customers to treat them as they would treat their own employees to build a connection to their business, just as we make efforts to ensure everyone knows they are what makes Oktana special. We are committed to our team and they are treated with respect and care which carries over to your organization.

 

Career Growth 

We invest in our team’s continuous growth. Our team members complete extensive onboarding training to meet our standards, which customers should trust, and this continues as their career grows with us. Our training team works with each team member to guide a path that enables them to excel on your project and mature in their field while our resourcing team ensures team members move to projects that support their career growth.

 

Platform-Developer-II
Platform-Developer-I
Platform-App-Builder
Pardot-Specialist
OmniStudio-Developer
Nonprofit-Cloud-Consultant
Marketing-Cloud-Email-Specialist
Marketing-Cloud-Administrator
Marketing-Cloud-Administrator (1)
JavaScript-Developer-I
ID and Access Mgmt Architect
Heroku Architect
Experience-Cloud-Consultant
Dev Lifecycle and Deploy Architect
Data Architect
B2C-Commerce-Developer
Application-Architect
Advanced-Administrator
Administrator (1)
ISTQB certified tester

Communication Compliance: The Benefits of Salesforce Chatter

Even though the concept of compliance was born in the financial field, it is now a consideration across numerous industries and has impacted many aspects of our lives. Communication is, of course, a common need across the board. The way we communicate in our companies impacts our ability to meet compliance standards. We apply this mindset when working with all of our customers, like this spirits distributor that needed to create a platform to break barriers and enable their 18,000 employees to collaborate more effectively. 

Managing conversations properly (and the data those conversations produce), is as important as the compliance standards involved in those processes. If you are a Salesforce partner or use Salesforce in your company, you are one step ahead. With a secure platform, you can enhance your internal and external communication strategy and then, meet your compliance standards. Marc Benioff, CEO, and Chairman of Salesforce says: 

“Customers trust us to make them successful, deliver unwavering security, reliability, performance and compliance.” 

Compliance and trust through messaging

Notice that Marc Benioff includes Compliance in his perspective on how to conduct business and approach customers. Trust is Salesforce’s number one value. This vision ensures two crucial benefits for any business. First, every product designed by Salesforce is intended to create reliable relations with customers. It’s not only about sales, it’s about relationships. And second, all of your data is stored and archived safely, so you can access it any time for compliance purposes. 

Chatter, the Salesforce messaging platform for business, also follows compliance regulations to ensure your data and activity are safe. According to Bloomberg Vault, Chatter is also a social media platform, so “it is subject to the same set of regulatory requirements as any other form of social media”. We have helped many customers enhance their communication platforms; these experiences have taught us many good practices to communicate and comply efficiently. 

1. Keep all your data archived in Salesforce

First, what is the golden rule we need to take into consideration? Archive everything! Make sure you archive all your conversations or posts in your org. It is recommended you preserve this data for e-discovery purposes for a period of time defined by various retention requirements. Some day, you may be required to hand over this information for corporate internal audits or even legal or governmental requests. For more information about this, you may want to go over our other article as a starting point: Financial Compliance: Which Agencies?.

2. Make Chatter part of everything

Also remember, as you are using Chatter, you are creating or linking many items related to confidential information such as records, accounts, cases, and more. This information already lives in your Salesforce org, so you’re not moving data to external systems. With everything connected, Chatter and Salesforce remain the center of your workflow, helping you manage compliance more consistently.

3. Involve every employee

Compliance in communication involves employees. Why? Hackers are targeting them. Make sure you train your employees to move all important conversations to Chatter. Email opens the possibility that an employee may respond to a phishing attack, exposing protected data. If you maintain all-important internal conversations in Chatter, you are better able to ensure their safety. You can see in this article why you should be interested in maintaining your employees as security allies.

So, let trust lead the path to better compliance practices and communication management across your company. Remember, the online world brings many resources to make businesses go faster. However, it has also become a common target for cyber attacks. Take the time to set a strong compliance strategy and keep updated on the regulations that impact your business.

Communication Compliance - Tok

Financial Compliance: which agencies?

As we mentioned in our previous article, Financial Compliance: Which Regulations must be considered? compliance was born in the financial sector to minimize risk related to crime, cybersecurity, and data safety. Then, what compliance agencies relate to your business? There are several organizations that regulate standards based on the types of data and procedures your business has in place. Because we frequently help companies in the financial industry integrate with Salesforce, we are familiar with many of the considerations under which they must operate.

US Financial Compliance Agencies

US law is very clear on financial regulations. Companies and entrepreneurs need to understand these standards and ensure their business meets any relevant requirements. It’s not an easy job, but it’s a task that must be done. Here are four of the more important agencies you will need to collaborate with to meet some of your compliance requirements:  

Securities and Exchange Commission (SEC):

Firstly, the SEC was created in 1934 as an answer to the financial crisis of 1929. Its main duty is to regulate the stock market. The SEC requires public corporations to register their stock sales so they can identify stockholders. This procedure increases trust in investors in an environment where transparency is the bedrock. 

Federal Deposit Insurance Corporation (FDIC):

In 1933, the Glass-Steagall Act created the FDIC to insure consumer deposits and to increase trust in the financial sector in the aftermath of the Great Depression. Deposits from banks that are insured by the FDIC are covered in case of bankruptcy, protecting consumer cash. The FDIC also closely examines bank activities to ensure they are behaving as federal norms require.

Federal Financial Institutions Examination Council (FFIEC):

The FFIEC is an agency that establishes guidelines and norms for financial institutions that directly impact their compliance policies. Where can any company review these guidelines? The FFIEC IT Examination Handbook is your bible. Divided into 11 booklets, it has all that you need for compliance-driven management.

Financial Crimes Enforcement Network (FinCEN):

This organization is an important network to investigate individuals related to financial crimes like money laundering or financing of terrorism. Its regulations require financial institutions to provide information for any investigated individual. As you might imagine, these procedures are confidential so demand careful collaboration and expertise from the financial institutions when managing this highly sensitive data.

Other useful resources

Selecting and implementing the correct set of standards can be difficult but ignoring compliance altogether will create issues you can avoid. If you are now aware of it, you may want to delegate someone in your company to manage the compliance requirements. This worker will have to collaborate with the necessary public agencies directly or a private auditing agency to help bring you into compliance. 

Here are some websites that may help you think about the considerations impacting your company: 

  • SecurIT: This portal groups regulations according to each industry. This is very helpful information since you will be able to know which compliance standards you should, at a minimum, consider for your business. 
  • TCDI: This blog emphasizes the importance of compliance and cybersecurity. There is also an extensive list of organizations that regulate compliance. All of these might be enough for a general overview.  

All of these standards demand good data storage strategies. There is no way to succeed at complying with the agencies if your company is not able to store and report data. If you are a Salesforce customer, congratulations! You are on a great platform to keep your customer data safe. If not, we’ve helped financial services and fintech customers integrate with Salesforce, always mindful of their compliance requirements. In fact, while many of our resources are nearshore, we opened an onshore office in 2020 to help us meet the compliance needs of these customers.

Finally, your internal communications are just as important as your customer data, and subject to compliance regulations. If you need to keep all your employee messages archived in a trusted platform, like your Salesforce org, Slack can be a good choice for you and your team.

 

Communication Compliance - Tok

 

Financial Compliance: Which regulations must be considered?

Why is compliance so important? It minimizes risks and creates trust among industries, governments, and people. This sounds like a no brainer, but the challenge is figuring out which compliance standards fit your business. One mistake could cause huge debts and lawsuits. This issue is particularly serious for the financial sector, which has legal and operational standards that are the bedrock of compliance management. Since banking is a pioneer in compliance management, we are going to take a deeper look at the regulations they must follow. 

Financial Compliance and law framework

Over the years, the world has become more connected and tons of data is processed, shared, and stored through the digital ecosystem. The internet has become a necessary resource, but a good threat opportunity for theft and hackers. In an attempt to minimize risk, public and private institutions have created norms and regulations to ensure data safety. So, which are the main compliance regulations that businesses located in the financial field must consider? We have highlighted the most important laws that impact the financial market. 

  • The Dodd-Frank Act [2]: Was passed by the US Congress and signed into law by President Obama in 2010. It aims to enhance the way the financial market is deploying accountability, transparency, and consumer protection procedures. This act enforces the need of storing records for every transaction. The thing organizations sometimes miss is that any activity related to trade must be stored as well. This includes electronic communication such as emails, chats, voice messages, and so on. 
  • Bank Secrecy Act (BSA AML) [2]: Also known as the Anti-Money Laundering Act, this act was created in 1970 and requires every company to cooperate with the US government in the aim of detecting money laundering. Thanks to the BSA-AML act, we all need to provide data under request. Since this regulation has been in the market for more than 50 years, you might be familiar with it. If not, you should know it emphasizes the importance of keeping your data storage. What else do you need to do? This act requires companies to delegate compliance responsibilities to an individual and also create a training program for appropriate personnel regarding compliance standards. 
  • Sarbanes-Oxley Act. Signed into law in 2002 to strengthen financial regulations. In the beginning, businesses didn’t take it well, but eventually, it contributed to counteract the effect of the economic crisis in 2008. This act raised the standards given for audit reports, but this is something we all can expect with a new act. What is new? SOX also gave legal protection to whistleblowers to testify in court about any illegal practices they are aware of without any retaliation. Be sure to train your employees to identify any practice that infringes on compliance in your business. You have a good opportunity to make them allies.

Consumers in the centre of compliance

As consumers are becoming more important, they are also protected by compliance regulations that companies need to follow. Data privacy and accessibility are just one of the areas you need to nurture. 

  • Gramm-Leach-Bliley Act (GLBA): Requires financial institutions to explain to customers their information-sharing practices and to safeguard consumer information. To ensure the correct execution of this, companies must establish a security program that protects consumers’ nonpublic personal information (NPI). NPI includes name, address, income, Social Security number, account numbers, payment history, loan or deposit balances, credit or debit card purchases, court records, and consumer reports.
  • Fair and Accurate Credit Transactions Act: FACTA, signed into law in 2003, enforces consumer power by enhancing procedures to ensure the accuracy of their credit records. With FACTA, consumers have the right to ask for a credit report each year. This act also provides resources to prevent crimes such as identity theft. 

Data is important for compliance purposes. As we recommended to one of our financial customers: If you are using Salesforce, integrate your system and take advantage of all the resources you have (Salesforce Sales Cloud, Service Cloud, Analytics, Einstein AI, and more). You will build close relationships with your customers while meeting your compliance standards. Also, don’t forget your employees.  

 

Financial Compliance