-
Say What You Do…But Do What You Say
Feedback from recent regulatory examinations indicates a potentially troublesome trend; regulators are actually reading your policies. Traditionally, regulatory findings are concentrated in policy weaknesses. Either polices don’t exist (social media and mobile banking for example), or they do exist but need “expansion”. (“Expansion” is a vague and often used-term in examination findings to indicate a…
-
A Look Back at 2013…and a Look Ahead – Part 1 (charts edition)
One thing that’s clear from the examination feedback I’ve received from financial institutions in 2013 is that examiners are spending less time in their safety & soundness examinations on the CAMELS “C”, “A”, & “L” (capital, asset quality and liquidity) issues, and more time on the “M” & “E” (management and earnings) issues. (There was…
-
The OCC Sets a New Standard for Vendor Management…
…but will it become the new standard for institutions with other regulators? UPDATE – The answer is yes, at least for the Federal Reserve. Readers of this blog know that I’ve been predicting an increase in vendor management program scrutiny since early 2010. And although the FFIEC has been very active in this area, issuing…
-
Data Classification and the Cloud
UPDATE – In response to the reluctance of financial institutions to adopt cloud storage, vendors such as Microsoft and HP have announced that they are building “hybrid” clouds. These new models are designed to allow institutions to simultaneously store and process certain data in the cloud, while a portion of the processing or storage is done…
-
New cyber attack targeting small to medium-sized financial institutions
The FBI, in association with the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Internet Crime Complaint Center (IC3), recently issued a fraud alert warning that criminals are using a multi-vector attack to compromise financial institution networks and initiate fraudulent wire transfers. The first thing that struck me about this attack is that…