Compliance Guru • FFIEC Guidance
  • Ask the Guru
  • The Guru Speaks
  • About
  • Ask the Guru
  • The Guru Speaks
  • About
The Compliance Guru Pictogram

Are You Ready for the New BCM Handbook?

Take the Quiz

Moving Beyond the ACET: Next Steps

Get a Copy

Role of the Information Security Officer

Get a Copy

Do we have to complete the FFIEC's CAT?
By Holly Hooks  |  In Ask the Guru

Ask the Guru: “The Cybersecurity Assessment Tool… Do we have to?”

Hey Guru! Management is asking why we have to complete the FFIEC Cybersecurity Assessment Tool when it is voluntary. They feel it is too much work if it is not mandatory. I think it is still needed even though it is voluntary. Is there any documentation as to why it is still necessary for OCC […]

Read Post 1
Most institutions should prepare for a much more thorough examination
By Tom Hinkel  |  In Hot Topics

FDIC Updates IT Examination Procedures

Starting immediately, all FDIC-examined institutions will be subjected to new IT examination procedures, the first major overhaul since December 2007.  The new format is dubbed the InTREx program (Information Technology Risk Examination), and is designed to be a bit simpler in the pre-examination phase.  In fact, the InTREx has only 26 questions vs. 59 for the 12/07 […]

Read Post 0
Leadership
By Tom Hinkel  |  In Hot Topics

FDIC Targets Board Responsibilities

“A topic is at times of such significant interest to bankers and examiners that it warrants a special issue…”  Whenever something from a regulatory body begins this way all bankers should take notice, and the latest Special Corporate Governance Edition from the FDIC is no exception.  In fact the Guru did a little research and the last time the FDIC released […]

Read Post 0
More Time
By Tom Hinkel  |  In Hot Topics

FDIC Expands Criteria for 18 Month Exam Cycle

The FDIC released FIL-17-2016 today, which will increase the examination cycle for community banks meeting certain criteria from 12 months to 18 months, thereby potentially decreasing one of the most intrusive events in the bankers life. The criteria is as follows: Must be less than $1 B in assets Must have a CAMELS composite rating […]

Read Post 0
By Tom Hinkel  |  In Hot Topics

Cybersecurity – Part 2

In Part 1 I discussed the increasing regulatory focus on cybersecurity, and what to expect in the short term.  In this post I want to dissect the individual elements of cybersecurity, and list what you’ll need to do to demonstrate compliance on each one going forward. So here are the required elements of a cybersecurity program, followed […]

Read Post 0
By Tom Hinkel  |  In Hot Topics

Cybersecurity – Part 1

Cybersecurity has gotten a lot of attention from regulators lately, and with assessments already underway it promises to be a regulatory focus for the foreseeable future.  But exactly what are they expecting from you, and how does that differ from what you may be doing already?  More importantly, how should you demonstrate that you are […]

Read Post 0
By Tom Hinkel  |  In Hot Topics

FDIC Re-issues Service Provider Guidance

Originally released in 2001, the FDIC recently re-issued 3 publications related to managing outsourced relationships: Effective Practices for Selecting a Service Provider Tools to Manage Technology Providers’ Performance Risk: Service Level Agreements Techniques for Managing Multiple Service Providers What struck me about this re-release, and the fact that they were released without modification of any […]

Read Post 0
By Tom Hinkel  |  In From the Field

A Look Back at 2013…and a Look Ahead – Part 1 (charts edition)

One thing that’s clear from the examination feedback I’ve received from financial institutions in 2013 is that examiners are spending less time in their safety & soundness examinations on the CAMELS “C”, “A”, & “L” (capital, asset quality and liquidity) issues, and more time on the “M” & “E” (management and earnings) issues.  (There was […]

Read Post 0
By Tom Hinkel  |  In Ask the Guru, From the Field

Ask the Guru: Vendor vs. Service Provider

Hey GuruI recently had an FDIC examiner tell me that we needed to make a better distinction between a vendor and a service provider.  His point seemed to be that by lumping them together in our vendor management program we were “over-analyzing” them.  He suggested that we should be focused instead only on those few […]

Read Post 2
By Tom Hinkel  |  In From the Field

Examination Downgrades Correlated with Poor Vendor Management

According to Donald Saxinger (senior examination specialist in FDIC’s Technology Supervision Branch) in a telephone briefing given to the ABA in
Read the rest of the article

Read Post 0
By Tom Hinkel  |  In Hot Topics

FDIC Files Record Number of Lawsuits in 2012 – 2015 UPDATE

UPDATE 2: We in fact did see a significant decrease in O&D lawsuits in the past few years:   UPDATE: Apparently one of the most common requests of the FDIC from bankers is for more technical assistance and training.  The FDIC has responded, and I do not believe it is coincidental that the first set […]

Read Post 0
Newer
12…4
Older

Join Our Community

Browse Posts

  • Ask the Guru
  • Ask the ISO
  • From the Field
  • Hot Topics
  • Reading Between the Lines
  • Resources

Copyright ©2021 Compliance Guru®.
All Rights Reserved.

Powered by Safe Systems. Privacy Policy

Stay up to date with these pandemic resources for community banking.See COVID-19 Resources
+