Web Access Control Manager Secure Access Solution

Harnessing the Power of Web Access Control Manager

West Highland’s Web Access Control Manager Secure Access Solution addresses SEC Regulation Systems Compliance (SCI). Our solution allows clients using Single Bank Portal to trade FX, FI and Cross Assets to comply with the regulation and provides security required in the regulation.



Fixed Income and Foreign Exchange Single Bank Trading Portals allow traders to trade assets on behalf of their firm. With enhancements to these trading services, closed systems have been migrated to light weight portals delivered via the public internet. These closed systems were very expensive to maintain and used proprietary technology that was hard to support. Also, traders had to be in the office to trade or in a Disaster Recovery office, which was also very expensive to deploy and maintain. The lightweight portals via internet connectivity allow traders the flexibility to work in a hybrid environment. This flexibility came at a cost which is why Regulation SCI was established.

Users of these portals know their Trading Portal credentials and could share them which effects the integrity of their trading

Many of these systems have no auto time-out function which creates a security and compliance risk should a trader leave their desk

Removing unused trading services is a very manual process and in many cases is not known and at best is not maintained

There are no password reset policies with many of these services exposing the firm to being at risk in violating their own compliance password reset rules

Process to add, remove trading services is manual and requires multiple processes to add or remove a user from the Access Identity Management System and vendor entitlements. Off-boarding of users has typically been a problem for the industry for decades.


West Highland’s WACM Secure Access Solution addresses SEC regulation SCI enabling clients to achieve compliance with the regulation. It provides all the security and compliance capability outlined in the regulation. This includes:

Storing all user and service credentials in a centralized vault

The ability to set a timeout for each trader based on a timeout policy

Provides reporting of non-usage to ensure service access is up to date and accurate

Automation to receive service changes, adds, and removals from client Access Hubs

Automation to reset passwords to trading venues based on client policies

Integrates with client Access Identity Management (such as SailPoint) to normalize the different single bank entitlement file formats to a file format that the AIM requires

Website screen locations are saved to the user doesn’t have to reposition their windows each time they log into the portals


Completely & securely control access to portals / websites, etc.

Ensures compliance with licensing agreements and SEC Regulation System Compliance Integrity rules
Tracks usage / non-usage activities

Integrates with client Active Directory, users sign into our service with their corporate credentials

Integrates with client password Vault for storing each service credentials (user does not know their password)

Integrates with client Access Identity Management (such as SailPoint) to normalize the different single bank entitlement file formats to a file format that the AIM requires

Integrates with client Access Hub to automate the management of user add, moves, and changes

Automated password reset policy (based on client policy) to ensure that passwords are refreshed. Clients have been very excited about this feature as it completely removes the manual process of password resets and allows our software (WACM) to automate and control them.

Saves the screen locations where the trader places their website windows – (Like the old green screen monitors)

Fully deployed at client premise, or hosted / cloud deployed at client request