Reg. E reform and RDC

October 18, 2010 Tom Hinkel Hot Topics 0 comment Like

I recently ran across an excellent post on this topic regarding the fact that even though Reg. E does not currently regard corporate and municipal accounts the same as consumer accounts, they do, in fact, pose the same risk to the financial institution. As the original post on Krebs’ site points out, why should the proposed changes to Reg. E stop at municipalities? Corporate accounts are being targeted as well, and recent corporation vs. FI court cases are being decided (or quietly settled) in favor of the corporation. FI’s would be wise to regard remote capture devices and ACH/Wire origination devices as de-facto extensions of their own network. Once the true risk of these remote devices is understood, how many FI’s would find the residual risk acceptable?

The only alternative is to implement additional controls (beyond a strong contract) designed to educate the customer on security basics, and monitor the security status of their devices.

Tags

Tom Hinkel

As author of the Compliance Guru website, Hinkel shares easy to digest information security tidbits with financial institutions across the country. With almost twenty years’ experience, Hinkel’s areas of expertise spans the entire spectrum of information technology. He is also the VP of Compliance Services at Safe Systems, a community banking tech company, where he ensures that their services incorporate the appropriate financial industry regulations and best practices.

tom.hinkel@safesystems.com

Write a Comment Cancel reply

You must be logged in to post a comment.