Good afternoon,

We recently had an IT audit where one of the recommendations that they made was for us to put agreements into place whenever another (non-bank owned) website creates a link that sends traffic to our website. So essentially, if any other entity were to put a link to our website on their website, (according to the auditor), we should have a written agreement in place with that company.

Am I the only one who thinks this is absolutely ridiculous? First, how would be know when some random third-party puts a hyperlink to our website anywhere? If we do authorize a third-party to put a link to our website on their website, what in the world would an agreement state? Also, I've looked and looked, but can find nothing in guidance or regulation that covers this (probably because it's ridiculous!), so if anyone is aware of anything out there, please let me know.

Note- I'm not confusing this with the interagency guidance on third-party weblinking...you read it correctly above.

Thanks!

In the HTML code there is a way to block certain domains from linking to you, but it is a per-domain set up. You would have to enter every website that you "don't" want to link to you (and it only stops the link from working... they can still link to you all day long and it just looks like your website is down).

Maybe there is new HTML wizardry that allows more dynamic domain blocking, but I'm not aware of it. Honestly, unless you have a problem (i.e. www.IHateTimStoke'sank.com keeps flaming and linking to you), I wouldn't even waste your time on this.