Compliance Guru • FFIEC Guidance
  • Ask the Guru
  • The Guru Speaks
  • About

Looking Ahead to 2021
By The Safe Systems Compliance Team  |  In From the Field

A Look Back at 2020 and a Look Ahead to 2021: A Regulatory Compliance Update

From SafeSystems.com/Safe-Systems-Blog: Safe Systems recently published a two-part regulatory compliance blog series that looked back at 2020 and ahead to 2021. In Part 1, we explored how regulations related to the pandemic dominated the compliance landscape early in 2020, forcing financial institutions to make adjustments to their procedures and practices on the fly. In Part […]

Hot Topic: Ransomware on the Radar
By The Safe Systems Compliance Team  |  In Hot Topics

Hot Topic: Ransomware on the Radar (Updated)

Both the State banking regulators and the Treasury Department have issued recent advisories to financial institutions regarding the ransomware threat. Ransomware is defined as a form of malicious software (“malware”) designed to block access to a computer system or data, often by encrypting data or programs, in order to extort ransom payments from victims in […]

Testing or Exercise?
By The Safe Systems Compliance Team  |  In Reading Between the Lines

Compliance Quick Bites – Tests vs. Exercises, and the Resiliency Factor

One of several changes implemented in the 2019 FFIEC BCM Examination Handbook is a subtle but important differentiation between a BCMP “test” and an “exercise”. I discussed some of the more material changes here, but we’re starting to see examiner scrutiny into not just if, but exactly what and how you’re testing. According to the […]

Ask the Guru – Can We Apply Similar Controls to Satisfy Both GLBA and GDPR
By The Safe Systems Compliance Team  |  In Ask the Guru

Can We Apply Similar Controls to Satisfy Both GLBA and GDPR?

Hey Guru! Are the Gramm–Leach–Bliley Act (GLBA) and the General Data Protection Regulation (GDPR) similar enough to apply the same or equivalent set of layered controls? My understanding is that GDPR has placed a higher premium on the protection of a narrower definition of data. So, my question is more about whether FFIEC requirements for […]

Reading Between the Lines
By The Safe Systems Compliance Team  |  In Reading Between the Lines

Reading Between the Lines: The Interagency Examiner Guidance for Assessing Safety and Soundness During COVID-19

On June 23, 2020, the FDIC posted “The Interagency Examiner Guidance for Assessing Safety and Soundness Considering the Effect of the COVID-19 Pandemic on Institutions” (FIL-64-2020). This statement is only one of several interagency statements issued since the start of the COVID-19 pandemic outlining supervisory principles examiners will use to guide their safety and […]

Reading Between the Lines
By The Safe Systems Compliance Team  |  In Reading Between the Lines

Reading Between the Lines: Recent Regulatory News

March 30, 2020 – Federal Reserve Statement on Supervisory Activities. Where did it come from, and where can I find it? The Federal Reserve. Who needs to know about it? All financial institutions supervised by the Federal Reserve. Why was it issued? To address adjustments in their supervisory approach in light of COVID-19. What does […]

Are Banks and Credit Unions Required to Address Your COVID-19 Readiness with Your Customers?
By The Safe Systems Compliance Team  |  In Ask the Guru

Are You Required to Address Your COVID-19 Readiness with Your Customers?

Hey Guru! Are we required to post any kind of statement to the public or our customers as to our readiness for COVID-19? If so, can you direct me to the kinds of things we need to say? We are working on an ad to educate our customers on how to use our online […]

By The Safe Systems Compliance Team  |  In Hot Topics

FFIEC Issues Statement on Pandemic Planning

Background: Similar to the Joint Statement on Destructive Malware issued in January in response to heightened geopolitical cyber risks from foreign actors, the FFIEC just released an Interagency Statement on Pandemic Planning in response to the current COVID-19 epidemic. Similar to the Destructive Malware statement, this statement does not impose any additional regulatory expectations on […]

FFIEC Rewrites Business Continuity guidance
By The Safe Systems Compliance Team  |  In Hot Topics

FFIEC Rewrites Business Continuity Guidance

The all-new IT Examination Handbook is more than an update; it’s a complete rewrite, and it represents a significant change in how the business continuity process is managed. It also has several new expectations regulators will be looking for from financial institutions. In fact, that is one of the most interesting changes; the term “institution” […]

Scheduling IT Audits Using Risk Scoring
By The Safe Systems Compliance Team  |  In Ask the Guru

Using Risk Scoring to Determine the Frequency of IT Audits

Hey Guru! In my last IT examination, one of the findings was that the scope and cycle of our IT audits should be more closely tied to risk. We have IT audits every 12 months, what else should we be doing? By conducting Information Technology audits every 12 months, you’ve effectively (and correctly) determined that […]

By The Safe Systems Compliance Team  |  In Hot Topics

FFIEC Issues Press Release on Cybersecurity Preparedness Assessments (and Muddies the Waters)

A Standardized Approach: On August 28th, the FFIEC issued a press release entitled “FFIEC Encourages Standardized Approach to Assessing Cybersecurity Preparedness”. The release “…emphasized the benefits of using a standardized approach to assess and improve cybersecurity preparedness.” On the surface this seems very logical and straightforward, but in fact this may have provided more […]

Copyright ©2021 Compliance Guru®.
All Rights Reserved.
