Click to return to BOL home page
Banker Store eCard Exchange Vendor Connect Career Connect Learning Connect Bankers Information Network
Home Compliance Lending Operations Security Marketing Technology/eBanking
Top Stories Bankers' Threads BOL Conferences CrimeDex Risk Management FREE Briefings Record Retention

   

















    Site Map

    Our Sponsors

    Home






Print Friendly! Email This Article! Discuss NOW!


E-commerce Enabled Web Hosting Contract
by Michael Guard
BIO AND CONTACT INFO

QUESTION: Can you recommend a good source or template for creation of an e-commerce enabled web hosting contract that protects a bank against liability with regards to its customers?

ANSWER: The only sample contract I know of on the Internet is in Appendix 2 of a document posted by the FDIC, Tools to Manage Technology Providers' Performance Risk: Service Level Agreements which you can get to from this link. I am pointing you to this page instead of directly to the document because it also contains links to two other documents which may prove useful to you and I highly recommend all three of them. That said, if I understand your question correctly, what you are wanting to do -- limit your institution's liability to its customers for the negligence of service providers -- cannot be done.

Regardless of any contract language between the bank and a service provider the bank cannot avoid liability for acts, or failures to act, of the service provider. The regulators have been very clear on this point and do not even want to see contracts which purport to attempt to do so. Any such contract language would only tend to confuse the issues and would be contrary to the law anyway and thus not enforceable between the institution and its customers.

The institution owes duties to its customers and no contract can alter that, even when a service provider performs all actions relating a specific duty or service. The way one attorney for a bank regulatory agency put it: you can contract away the duty, but not the liability. While a bank can hire a service provider to help the institution provide services to customers, there is no escape from liability to the customers if the service provider is negligent. There is nothing which would prevent a service provider from indemnifying the institution for damages suffered by the institution due to the negligence of the service provider, but that is different, more like insurance, and has nothing to do with liability to customers.

This is one of the reasons why the regulators are so serious about financial institutions using due care in selecting service providers and monitoring service providers' information security programs. If an institution is not adequately monitoring a service provider's information security program and a customer is damaged by the negligence of the service provider, the institution will have virtually no chance of defending itself against a lawsuit brought by the customer.

First published on BankersOnline.com 10/1/01


Home | Compliance | Lending | Operations | Security | Marketing | Technology | eBanking
BOL Archives    Privacy Policy    Important Disclaimer   Recommend This Site !   Contact Us


BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.