Information Security, Compliance and Governance

Information Security



Information Security is critical to Credit Benchmark’s success, and the confidentiality of client’s data is our top priority.

  • Strong management commitment with oversight from the CEO and the board. Overall authority and responsibility for implementation and management delegated to the CTO.
  • Physical Security: bank-grade security at our office site, physical separation of data room.
  • Two separate technical environments:
    • Secure data processing environment hosted by CenturyLink (and ISO27001 and SOC1 datacenter)
    • Credit Benchmark enterprise environment
  • Twice Annual Penetration Testing by independent third parties
  • Client data encrypted at rest and in transit




CB has a designated compliance committee providing oversight across multiple compliance programmes including:

  • Information Security: robust information security architecture to maintain confidentiality of financial institutions. Sensitive data is received and delivered via secure transmissions and hosted in a compliant technology environment.
  • Governance: data is delivered using industry-standard quorate rules for contributed data models. A minimum of three observations on an entity are required for data to be published in order to maintain client confidentiality.
  • Compliance with code of business conduct: All employees are required to maintain the highest standards of conduct, supported by training and regular affirmations of the code.




Methodology Committee: Forum for all contributing financial institutions:

  • Meet two times a year
  • Objective is to ensure highest standards for data equality and maximum relevance for outputs
  • Anti Trust counsel presence ensures compliance

Topics include:

  1. Data comparability and consistency
  2. Quorate publication rules
  3. Oversight of Credit Benchmark Consensus (“CBC”) categories
  4. Regulatory reporting issues
  5. Development priorities

A Technical Advisory Panel meets on an ad hoc basis to:

  • Ensure that the suite of data is optimized for credit risk management
  • Advise on potential academic applications of the aggregated content
  • Provide support for the research & development of new products
Follow us on:

Credit Benchmark brings together internal credit risk views from over 40 leading global financial institutions. The contributions are anonymized, aggregated, and published in the form of consensus ratings and aggregate analytics to provide an independent, real-world perspective of credit risk. Risk and investment professionals at banks, insurance companies, asset managers and other financial firms use the data for insights into the unrated, monitoring and alerting within their portfolios, benchmarking, assessing and analyzing trends, and fulfilling regulatory requirements and capital.