How identity management protects the European financial system

The European Central Bank, as a supervisory authority, requires a variety of processes and supporting applications, all of which are accessible to users through a portal. Access to these applications is strictly control by the bank in accordance with the highest security standards. The bank adheres to a Zero Trust security model and requires European data residency for all its data processing.

Due to these stringent requirements, the ECB could never use a fragmented approach to access control. Instead, it required a single identity and access management (IAM) platform that is flexible enough to delegate user and access management to the banks and other stakeholders under its supervision.

The ECB chose to partner with Thales OneWelcome for their modern IAM system that enables centralised, secure access to applications for the supervision process, document exchange, breach reporting, amongst others. The EBC is empowered by Thales OneWelcome’s fine-grained access control model, which allows the delegated administrators within supervised banks to invite colleagues to fulfil parts of the process and exchange information with the EBC. This relieves the EBC of the responsibility and administrative burden of maintaining users, which is a significant advantage given the large user base.

Thales OneWelcome’s Mobile Identity solution, which uses multi-factor authentication and allows for securely sending and receiving messages and signing transactions, was also added to the ECB’s app for faster, more user-friendly data exchange. With the help of Thales OneWelcome, the ECB is paving the way towards a more streamlined, user-friendly IAM for its thousands of users while adhering to the highest security standards.