A complete listing of ALL FFIEC Tier I and Tier II examination procedures in one place, courtesy of the BITS Shared Assessments project. Very handy!
FDIC can now step in regardless of primary regulator (part 1)
According to a memorandum of understanding just signed by all the primary federal regulators (FDIC, OTS, OCC and Fed), the FDIC now has the authority to step in whenever they feel the DIF (deposit insurance fund) is in jeopardy. Although this is primarily targeted at larger (>$10b) institutions, it also applies to smaller (<$10b) institutions as well, and applies to ANY threat to the DIF, not just under-capitalization (i.e. any safety and soundness concerns)…
DR/BCP Scrutiny – UPDATED
Auditors (and some FDIC examiners) are scrutinizing disaster recovery plans more closely, specifically looking to verify that the plan structure adheres to FFIEC guidance. We’ve definitely seen this…
New Guidance and New Challenges in Remote Payment Systems
This whitepaper talks about the recent FFIEC guidance on Retail Payment Systems.
Updates to the Retail Payment Systems Handbook
Recent updates to the FFIEC handbooks: Retail Payment Systems, March 2010
Webinar: 2010 Trends, a Mid-year Assessment
Watch this educational webinar presented by the Compliance Guru and Attus.
Outsourcing – Rewards and Risks
There are twelve booklets in the FFIEC IT Examination Handbook series, and ten of them make reference to the importance of managing third-party relationships. Today, the vast majority of financial institutions outsource at least one business function, and almost 50% of institutions outsource at least one critical business function. Among community financial institutions, the percentages […]
Reg Flag enforcement delayed until 12/31/10
The FTC has decided to further delay the enforcement of the “Red Flags” rule (although this does NOT affect the original 11/1/2008 deadline for compliance). This is the second delay since the rule became effective 1/1/2008. Institutions should have a policy and procedures in place NOW, as examiners will undoubtedly be checking policy revision and […]
Disaster Recovery & Strategic Planning: How alignment can reduce risk and cost
If it’s been done correctly, your business continuity program has been developed to support your Banks’ strategic plan. The capabilities of your hardware and software have been carefully selected to coincide with the needs of your target market. Your financial projections are based on your ability to successfully penetrate your target market, and your DR […]
Vendor Management – BITS and Pieces
The effective management of critical vendors is an essential risk control. The FFIEC mentions this several times in their Examination Handbooks, most recently in the “Information Security” Handbook from July, 2006. Although most financial institutions are accustomed to approaching this from their own perspective, i.e. from the serviced side, this white paper will take a […]