Click to return to BOL home page
Banker Store BOL Vendor Connect BOL Career Connect BOL Learning Connect Bankers Information Network
Home Compliance Lending Operations Security Marketing Technology/eBanking
Top Stories Bankers' Threads Background Check CrimeDex Em@il Education ID Verification Record Retention
 


MAIN CONTENT 
Compliance

    Agency Road Maps

    Alphabet Soup

    Compliance Tools

    FACTA/FCRA

    OFAC

Lending

    Article 9

    FACTA/FCRA

    HMDA Heaven

    Lending Tools

    SCRA

Marketing

Operations

    Check 21

    Disaster Updates

    Disaster Recovery

    HR Corner

    IRA Season

    Money Matters

    Operations Tools

    SARResearchGuide

Security

    AML/BSA

    Bank Robbery

    Counterfeits

    ID Fraud/Phishing

    Security Tools

Technology/eBanking

    Disaster Updates

    Disaster Recovery

    Info Security


SPECIAL AREAS 
BOL Archives

BOL Blogs

Briefing Archive

Calendar

Court Watch

Disaster Issuances

Em@il Education

Examiner's Corner

Executive Briefing

Infovault

Launch Pad

Lessons Learned

Monthly Roundup

Risk Management

Site Map

Site Orientation

Top Stories


~ ~ ~
SERVICES 
Background Check
BOL Conferencing

CrimeDex

Em@il Education

ID Verification

Record Retention


~ ~ ~
SHOP 

Banker Store
Bankers Info Ntwk
Books
Vendor Connect

CONNECT 

Career Connect

Learning Connect

Vendor Connect

Guru Central

INTERACT 

Ask a Guru
Bankers Threads

Contact Us

Give Us Feedback


TOOLS 

60 Second Solutions

Alphabet Soup

Banker Tools

BOL Forms

FUN 

Banker Humor

Banker Memories

BOL Recipes

eCard Exchange

LEARN MORE 

About Advertising
About Our Sponsors
About Us


Print Friendly! Email This Article! Discuss NOW!


Reporting of Customer Information Comprised by Bank Error

Question: I've been working on procedures in the event a customer's sensitive information is compromised and just discovered your article on the ID Theft Response Program Proposal. It's been very helpful but I have a question or two. I'm getting conflicting responses from various compliance sources so I thought I'd get your take on the following. We've had instances where we've compromised sensitive customer information on an individual basis. For instance by faxing a loan renewal document to the wrong number, or sometimes a check will post incorrectly and one customer's check image will be provided to another customer (which of course provides them with name, address, account number, and signature sample) or even when checks from one customer or a statement belonging to one customer is forwarded in the envelope to the wrong person. According to the FDIC guidelines, this qualifies as sensitive customer information and technically by our error, we have compromised our customer. We send a letter to our customer and flag the account with an ID theft alert message. My question - are we really required to notify the FDIC in these instances? We will always notify our customer but it's hard for me to swallow notifying the FDIC when this is simply an error, and not a cyber intruder or a stolen laptop that contains sensitive customer information.

Answer: We contacted FDIC with your question, and evidently there have been other calls like ours. Their response was that under the FDIC guidelines, yes, you are required to report the compromised sensitive information in individual cases where the identifying information was actually contained in the documents. However, in the case of the loan renewal, by terms of the definition of sensitive information, you need not report that type of error.

Having so said, FDIC tells us they are addressing this problem and will, within a month (so they say) be in touch with their regional offices to set up a system whereby you can "aggregate" reporting on a monthly or quarterly basis. We'll let you know if we find anything further.

Copyright © 2005 Bankers' Hotline. Originally appeared in Bankers' Hotline, Vol. 15, No. 7, 7/05



Print Friendly! Email This Article! Discuss NOW!


Privacy Policy    Disclaimer   Recommend This Site !   Contact Us


BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.