I have a question about Fedline. Will regulators write us up for having Fedline on a PC in the lobby of the bank?
Possibly, I have seen that. The issue is with the extreme sensitivity of data processed on that device, so if you want to leave it where it is, your response should focus on the physical and administrative controls in place. For example how is the device physically secured? Is it completely in the open or behind a barrier of some sort? Could anyone simply walk up to it and sit down? Is it clearly identified as the Fedline machine? What about passwords and authentication devices? Is it left logged in? Is dual authentication required to access Fedline; one to the network and another one to the application? What about dual control for transactions? Who reviews activity reports? How often?
SO they may say something, but if you have a response ready that addresses these questions they probably won’t write you up for it. On the other hand if you just don’t want to deal with the hassle, you can put it behind the teller line. Oh, and one more thing…wherever you decide to put the Fedline PC, don’t use a wireless keyboard!