Good afternoon,
We recently had an IT audit where one of the recommendations that they made was for us to put agreements into place whenever another (non-bank owned) website creates a link that sends traffic to our website. So essentially, if any other entity were to put a link to our website on their website, (according to the auditor), we should have a written agreement in place with that company.
Am I the only one who thinks this is absolutely ridiculous? First, how would be know when some random third-party puts a hyperlink to our website anywhere? If we do authorize a third-party to put a link to our website on their website, what in the world would an agreement state? Also, I've looked and looked, but can find nothing in guidance or regulation that covers this (probably because it's ridiculous!), so if anyone is aware of anything out there, please let me know.
Note- I'm not confusing this with the interagency guidance on third-party weblinking...you read it correctly above.
Thanks!
_________________________
The opinions expressed here are my own and not reflective of those of my employer.