Skip to content
BOL Conferences
Forums · Active Threads · Forum Rules · Mark All Read · Log In
BankersOnline.com Forums Banker Forums eBanking / Technology Multi Factor Authentication Brochure
Thread Options
#673900 - 01/26/07 09:51 PM Multi Factor Authentication Brochure
TexasBankerGirl Offline
Member
TexasBankerGirl
Joined: Oct 2006
Posts: 85
Texas
My bank president keeps getting sample brochures in the mail from various vendors who make it sound like we were "REQUIRED' to educate our electronic banking customers with brochures. Other things I've read and seen said it was just "recommended" to notify customers.

Our website gave internet banking customers a brief tutorial and an abbreviated explanation of the new authentication requirements.

Now, three weeks after the deadline, we get more brochures in the mail, and my president brings them to me asking "why aren't we in compliance? We did not supply them with brochures!"

Is there a citation in the FFIEC guidance that clearly states it is recommended to notify vs. REQUIRED to notify?

Any help would be greatly appreciated!

Return to Top
eBanking / Technology
#674027 - 01/26/07 10:58 PM Re: Multi Factor Authentication Brochure TexasBankerGirl
John Burnett Offline
10K Club
John Burnett
Joined: Oct 2000
Posts: 40,086
Cape Cod
The FFIEC's authentication guidance document says
Quote:
Financial institutions have made, and should continue to make, efforts to educate their customers. Because customer awareness is a key defense against fraud and identity theft, financial institutions should evaluate their consumer education efforts to determine if additional steps are necessary. Management should implement a customer awareness program and periodically evaluate its effectiveness. Methods to evaluate a program's effectiveness include tracking the number of customers who report fraudulent attempts to obtain their authentication credentials (e.g., ID/password), the number of clicks on information security links on Web sites, the number of statement stuffers or other direct mail communications, the dollar amount of losses relating to identity theft, etc.


Regulators are pretty insistent that "should" is the past tense of "shall," and not equivalent to "may." That said, the entire document is guidance.

You're in an institution where the CEO is pushing for spending a buck in the name of compliance and customer awareness. Count yourself lucky! I'd recommend you review what the vendors offer, check out the federal regulators' sites for any freebies, and then get the best of what's available out to your customers.
_________________________
John S. Burnett
BankersOnline.com
Fighting for Compliance since 1976
Bankers' Threads User #8

Return to Top
#674127 - 01/27/07 03:41 AM Re: Multi Factor Authentication Brochure John Burnett
sunny Offline
New Poster
Joined: Mar 2006
Posts: 4
milky way
I would concur with the recommendations that Mr. Burnett has made. I have been especially impressed with those banks that have taken an advocacy and educational approach with the consumer education related to security. I think there is the opportunity to turn non-online bankers into online bankers and also the opportunity to cross-sell products and services that drive returns for your bank. For example in the brochure you send out you may want also want to promote bill payment or electronic statements. Your internet banking vendor is sure to have loads of ideas and, hopefully, some complementary direct marketing/education kits.

Return to Top

Moderator:  Andy_Z