Click to return to BOL home page
Banker Store eCard Exchange Vendor Connect Career Connect Learning Connect Bankers Information Network
Home Compliance Lending Operations Security Marketing Technology/eBanking
Top Stories Bankers' Threads BOL Conferences CrimeDex Risk Management FREE Briefings Record Retention
 


MAIN CONTENT 
Compliance

    Agency Road Maps

    Alphabet Soup

    Compliance Tools

    FACTA/FCRA

    OFAC

Lending

    Article 9

    FACTA/FCRA

    HMDA Heaven

    Lending Tools

    SCRA

Marketing

Operations

    Check 21

    Disaster Updates

    Disaster Recovery

    HR Corner

    IRA Season

    Money Matters

    Operations Tools

    SARResearchGuide

Security

    AML/BSA

    Bank Robbery

    Counterfeits

    ID Fraud/Phishing

    Security Tools

Technology/eBanking

    Disaster Updates

    Disaster Recovery

    Info Security


SPECIAL AREAS 
BOL Archives

BOL Blogs

Briefing Archive

Calendar

Court Watch

Disaster Issuances

Em@il Education

Examiner's Corner

Executive Briefing

Infovault

Launch Pad

Lessons Learned

Monthly Roundup

Risk Management

Site Map

Site Orientation

Top Stories


~ ~ ~
SERVICES 
Background Check
BOL Conferencing

CrimeDex

Em@il Education

ID Verification

Record Retention


~ ~ ~
SHOP 

Banker Store
Bankers Info Ntwk
Books
Vendor Connect

CONNECT 

Career Connect

Learning Connect

Vendor Connect

Guru Central

INTERACT 

Ask a Guru
Bankers Threads

Contact Us

Give Us Feedback


TOOLS 

60 Second Solutions

Alphabet Soup

Banker Tools

BOL Forms

FUN 

Banker Humor

Banker Memories

BOL Recipes

eCard Exchange

LEARN MORE 

About Advertising
About Our Sponsors
About Us

Print Friendly! Email This Article! Discuss NOW!

Internet Safeguards

While information technology is not usually the responsibility of the compliance manager, there are certain IT functions that the compliance manager should make sure are in place. One is information security and the customer privacy protections that go with it. Techniques for keeping information secure are vulnerable to a variety of attacks, ranging from hacking to theft.

One area that is becoming increasingly common is account hijacking. This occurs when a fraudster, posing as the financial institution, sends messages to customers requesting that they verify certain information. Once the consumer verifies it, the fraudster has what is needed to steal from that customer.

To prevent this, OCC (OCC Bulletin 2005-24) and other regulatory agencies recommend a two-pronged approach. One is enhanced steps to protect customer information, including "multifactor authentication." The other, of course, is customer education. Make sure customers know when and how the institution will send electronic messages to them. And make sure that customers know that you will never ask the customer to verify information unless the customer initiated the transaction.

Copyright © 2005 Compliance Action. Originally appeared in Compliance Action, Vol. 10, No. 8, 7/05



Print Friendly! Email This Article! Discuss NOW!