# Skills tagged "Financial Services" 17 skills with this tag. URL: https://rakenne.app/skill-tags/financial-services/index.md - [AML/BSA Compliance Program (Fintech & MSB)](https://rakenne.app/skills/aml-bsa-compliance-program/index.md) — Draft a complete AML/BSA compliance program for non-bank financial institutions — fintechs, MSBs, crypto exchanges, and insurance companies. Covers all five BSA pillars: compliance officer, policies, … - [CFPB — Consumer Complaint Response & UDAAP Compliance](https://rakenne.app/skills/us-cfpb-complaint-udaap-compliance/index.md) — Draft and validate consumer complaint management programme and UDAAP compliance documentation for CFPB-supervised entities. Covers complaint response timelines, UDAAP risk assessment, fair lending, … - [Cyber Threat Information Sharing (DORA Art. 45)](https://rakenne.app/skills/dora-information-sharing/index.md) — Draft information sharing arrangements for exchanging cyber threat intelligence per DORA Art. 45, covering participation agreements, data protection safeguards, sharing protocols (TLP, STIX/TAXII), … - [Digital Operational Resilience Testing Program (DORA)](https://rakenne.app/skills/dora-resilience-testing/index.md) — Design the resilience testing program required by DORA Arts. 24-27, covering basic testing (vulnerability assessments, penetration testing, scenario-based tests) and advanced TLPT for significant … - [DORA Gap Assessment](https://rakenne.app/skills/dora-gap-assessment/index.md) — Conduct a comprehensive gap assessment against all five DORA pillars: ICT risk management, incident management, resilience testing, third-party risk, and information sharing. Produces a scored … - [DORA ICT Incident Classification & Reporting](https://rakenne.app/skills/dora-incident-classification/index.md) — Classify ICT incidents using DORA RTS 2024/1772 criteria and produce initial, intermediate, and final notification reports per ITS 2025/302 templates for submission to competent authorities. - [DORA Information Register (ICT Third-Party Arrangements)](https://rakenne.app/skills/dora-information-register/index.md) — Create and maintain the Register of Information on ICT third-party service arrangements required by DORA Art. 28(3) and ITS 2024/2956. Covers entity identification, TPP data, contractual arrangements, … - [DORA Policy Generator](https://rakenne.app/skills/dora-policy-generator/index.md) — Generate the complete set of policies required by DORA from organizational context. Covers ICT security, risk management, incident management, business continuity, third-party risk, access control, … - [ICT Business Continuity & Disaster Recovery (DORA)](https://rakenne.app/skills/dora-business-continuity-ict/index.md) — Draft the ICT business continuity policy and disaster recovery plan required by DORA Articles 11-12, covering recovery objectives, switchover procedures, backup policies, continuity testing, and … - [ICT Contractual Provisions (DORA Art. 30)](https://rakenne.app/skills/dora-contractual-provisions/index.md) — Draft and review contractual provisions for ICT service provider agreements per DORA Art. 30, covering general requirements, enhanced provisions for critical functions, sub-outsourcing, audit rights, … - [ICT Risk Management Framework (DORA)](https://rakenne.app/skills/dora-ict-risk-framework/index.md) — Draft the complete ICT risk management framework required by the EU Digital Operational Resilience Act (DORA), covering governance, asset identification, protection, detection, response, recovery, and … - [ICT Subcontracting Oversight (DORA)](https://rakenne.app/skills/dora-subcontracting-oversight/index.md) — Draft the ICT subcontracting oversight framework per DORA and RTS 2025/0532, covering conditions for sub-outsourcing critical functions, notification and approval processes, concentration risk, and … - [ICT Third-Party Risk Policy (DORA)](https://rakenne.app/skills/dora-third-party-policy/index.md) — Draft the ICT third-party risk management policy required by DORA Art. 28 and RTS 2024/1773, covering strategy, due diligence, contractual provisions (Art. 30), monitoring, exit planning, … - [Individual Accountability Framework (IAF/SEAR) — Ireland](https://rakenne.app/skills/iaf-sear-ireland/index.md) — Draft and validate Statements of Responsibility and Management Responsibilities Maps for the Central Bank of Ireland IAF and SEAR. Supports banks, insurers, and investment firms. Includes gap … - [Management Body ICT Risk Report (DORA)](https://rakenne.app/skills/dora-board-reporting/index.md) — Draft periodic ICT risk reports for the management body per DORA Art. 5, covering risk posture, incidents, resilience testing, third-party risk, compliance status, and budget allocation. - [MAS TRM — Technology Risk Management Framework](https://rakenne.app/skills/sg-mas-trm-risk-framework/index.md) — Draft and validate the Technology Risk Management framework for MAS-regulated financial institutions. Covers governance, IT resilience, cyber security, data loss prevention, and technology audit per … - [Nordic AML/CFT — Enterprise-Wide Risk Assessment](https://rakenne.app/skills/nordic-aml-cft-risk-assessment/index.md) — Draft and validate the enterprise-wide AML/CFT risk assessment for Nordic supervisors. Covers inherent risk, control effectiveness, residual risk, and risk appetite per Joint ESA Guidelines and AMLD6. --- Back to [All Tags](https://rakenne.app/skill-tags/) | [Skill Library](https://rakenne.app/skills/)