A complete listing of ALL FFIEC Tier I and Tier II examination procedures in one place, courtesy of the BITS Shared Assessments project. Very handy!
According to a memorandum of understanding just signed by all the primary federal regulators (FDIC, OTS, OCC and Fed), the FDIC now has the authority to step in whenever they feel the DIF (deposit insurance fund) is in jeopardy. Although this is primarily targeted at larger (>$10b) institutions, it also applies to smaller (<$10b) institutions as well, and applies to ANY threat to the DIF, not just under-capitalization (i.e. any safety and soundness concerns)…
Auditors (and some FDIC examiners) are scrutinizing disaster recovery plans more closely, specifically looking to verify that the plan structure adheres to FFIEC guidance. We’ve definitely seen this…
This whitepaper talks about the recent FFIEC guidance on Retail Payment Systems.
Recent updates to the FFIEC handbooks: Retail Payment Systems, March 2010
Watch this educational webinar presented by the Compliance Guru and Attus.
There are twelve booklets in the FFIEC IT Examination Handbook series, and ten of them make reference to the importance of managing third-party relationships. Today, the vast majority of financial institutions outsource at least one business function, and almost 50% of institutions outsource at least one critical business function. Among community financial institutions, the percentages […]
The FTC has decided to further delay the enforcement of the “Red Flags” rule (although this does NOT affect the original 11/1/2008 deadline for compliance). This is the second delay since the rule became effective 1/1/2008. Institutions should have a policy and procedures in place NOW, as examiners will undoubtedly be checking policy revision and […]
If it’s been done correctly, your business continuity program has been developed to support your Banks’ strategic plan. The capabilities of your hardware and software have been carefully selected to coincide with the needs of your target market. Your financial projections are based on your ability to successfully penetrate your target market, and your DR […]
The effective management of critical vendors is an essential risk control. The FFIEC mentions this several times in their Examination Handbooks, most recently in the “Information Security” Handbook from July, 2006. Although most financial institutions are accustomed to approaching this from their own perspective, i.e. from the serviced side, this white paper will take a […]