According to Donald Saxinger (senior examination specialist in FDIC’s Technology Supervision Branch) in a telephone briefing given to the ABA in
Read the rest of the article
The Financial Institutions Examination Fairness and Reform Act (and why you should care)
Although it’s currently stuck in committee, financial institutions should be aware of this bill and track it closely in the next congressional session…
Read the rest of the article
“2 is the new 1″…or is it? (with poll)
UPDATED – October, 2012 – Two institutions in the past ten days have told me that they have been assigned a CAMELS score of “1” in their latest examination. One institution regained their 1 after slipping to a 2 in their last exam cycle, and the other went up to a 1 for the first […]
2012 Compliance Trends, Part 3 – Management
I’ve written about the importance of this before, and from many different angles, but I want to recap and explain why I think management (both IT and enterprise) will be an area of increased regulatory focus in the year ahead. To recap my criteria for inclusion in the “2012 Trends” list, it must have a […]
Material Loss Reviews: Does responsibility = liability?
I asked in my previous post whether or not the regulators should share any of the blame when institutions fail, and if so, should they shoulder any of the liability? The thought occurred to me as I was reviewing some recent Material Loss Reviews. A Material Loss Review (MLR) is a post-mortum written by the […]
Exam preparation – less equals more?
One of the more surprising findings from my recent examination experience survey (thanks again to all that participated!) is that there doesn’t seem to be a direct relationship between the amount of time spent preparing, and examination results. I’ll elaborate in a moment, but first, here are the final survey demographics: There were 80 total […]
The IT Strategic Plan – Why, Who, & How
One of the most common examination findings recently (particularly with the FDIC) has been the lack of an IT Strategic Plan. I’m not sure why the focus lately (perhaps the shift from the CAMELS “A” to the “M”?), but the concept is certainly not new. The regulatory mandate for it is found in the 2004 […]
The Control Self-Assessment (CSA)
If there was a process that was mentioned 43 times in 7 of the 12 FFIEC IT Examination Handbooks, (including 12 times in the Information Security Handbook alone!), would you consider implementing it? How about if it virtually assured better audits and examinations? OK, you’re interested, but the last thing you need is to implement […]
IT Composite Ratings: 1 vs. 2
In a recent survey conducted with our customers, we asked them to tell us (anonymously) what their FDIC IT composite scores were after their last IT examination, and whether those scores increased (got worse), or decreased (got better). The average score was 1.8 on the 5 point scale. Of course the results could be attributed […]
Management of IT reflects overall management
(This is an extract from an article written for Bank Technology News. The full article is here.) One of the reasons compelling the shift towards increased focus on IT is found in the only non-financial element in the CAMELS ratings: management…