Preparing Your Annual Security Program Report

Support for BOL is provided by:

MAIN CONTENT

Compliance

Agency Road Maps

Alphabet Soup

Compliance Tools

FACTA/FCRA

OFAC

Lending

FACTA/FCRA

Lending Tools

SCRA

Marketing

Operations

Check 21

Operations Tools

SAR Resrch Guide

Security

AML/BSA

Bank Robbery

Counterfeits

ID Fraud/Phishing

Security Tools

Technology/eBanking

Info Security

SPECIAL AREAS

BOL Archives

BOL Blogs

Briefing Archive

Calendar

Court Watch

e-Card Exchange

Examiner's Corner

Executive Briefing

HR Corner

Infovault

Launch Pad

Regulator Roadmaps

Risk Management

Site Map

Site Orientation

Top Stories

~ ~ ~

SERVICES

CrimeDex

Em@il Education

ID Verification

~ ~ ~

SHOP

Banker Store
Bankers Info Ntwk
Vendor Connect

CONNECT

Career Connect

Learning Connect

Vendor Connect

Guru Central

INTERACT

Ask a Guru
Bankers Threads

Contact Us

Give Us Feedback

TOOLS

BOL Toolbar

60 Second Solutions

Alphabet Soup

Banker Tools

BOL Forms

FUN

BOL Recipes

eCard Exchange

LEARN MORE

About Us

Preparing Your Annual Security Program Report

by Dana Turner, BOL Guru
Guru Bios

Overview
The Bank Protection Act requires that the institution�s Security Officer report annually to the Board of Directors about the status of the Security Program. The regulations don't specify:

If the report must be in writing;
Who must deliver the report; or
What information the report must contain.

The Security Department As A Business Unit
Managing the institution�s Security Department requires careful planning, cooperation among departments and functions -- and an action plan. You do not have to be a full-time Security Officer to be successful -- but you do have to be a professional one. Use the varied techniques employed by other successful Security Officers to manage the Security Department as an effective business unit first. Then develop an action plan that helps you to gather the information necessary for both routine use and for presentation to the Board of Directors. An action plan for the Security Department includes many ongoing tasks, including:

Becoming familiar with applicable laws and regulations that logically affect the Security Department, such as the Bank Protection Act, Regulation H, the FFIEC's Interagency Policy Statement on Contingency Planning, the USA Patriot Act, the Americans With Disabilities Act, OSHA guidelines and local fire codes;
Meeting with various members of your Board of Directors at least quarterly, so that you can maintain the Board�s support while keeping the Board informed about security issues in a timely manner;
Working with your Auditor to develop a comprehensive safety and security checklist that you can use to conduct standardized, comprehensive risk assessments, allowing you to identify and correct operational deficiencies quickly;
Working with your Compliance Officer to develop and enforce compliance policies and procedures;
Working with a risk reduction specialist from your insurance carrier to develop policies and procedures that reduce both safety and security risks;
Subscribing to an assortment of safety and security publications to become and remaining informed about current industry trends, new crime prevention techniques and other resources that may be available outside your immediate geographical area; and
Joining or starting a peer group -- composed of other security professionals in your geographical area -- to discuss common security issues, and invite representatives of your local law enforcement agencies and retail and wholesale businesses to participate.

Preparing & Delivering
The Annual Security Program Report
The designated Security Officer must prepare the Security Program Report and -- ideally -- he/she should prepare a written version each year. Forwarding a quarterly update to the Board of Directors will help them to remain informed about your security-related activities and your progress.

Regulations don't require that the Security Officer present the Security Program Report personally -- or even that an oral report must be presented. But the Board of Directors should know who the Security Officer is and what he/she does -- and the members should have the opportunity to ask questions and give guidance. Delivering his/her own report will help both the Security Officer and the Board of Directors understand each other's needs.

What The Security Program Report
Should Contain
Following the Security Department's action plan will provide you with the information necessary to develop and deliver a comprehensive report to the Board of Directors. Write your report in a narrative manner -- and use topic headers, bullet points, charts, statistics and lists to help identify important information. Your report should span three years:

Last year (historical data);
This year (current data); and
Your projections for next year.

Although the regulations don't specify what the annual report must contain, the report should logically address security-specific concerns and common issues reported upon by managers of other business units, including:

Reported crimes by internal and external sources, including losses;
Potential recoveries, civil and criminal actions;
Crime trends within the industry overall, and within this geographical area, in particular;
Suspicious Activity Report filings and circumstances, if that's appropriate;
Pending new or changes to existing laws and regulations;
Newly-developed industry security standards;
Advancements in policies, procedures and technology that are applicable to your loss prevention efforts;
Risk assessment results;
Control issues requiring modification;
Budget requests and accompanying rationale; and
Needed or anticipated staffing changes.

Make certain that a copy of your report is furnished to each Board member before your presentation meeting. Use the presentation meeting to:

Inform the Board�s members about your efforts;
Discuss any concerns; and
Request the Board�s support for your budget request.

After you have made your report, request that your presentation be reflected in the Board�s meeting minutes so that you can show examiners that you have complied with regulations. If the Board declines one of your requests, restate your request in phases. Also ask that any stated opposition to or denial of your requests is reflected in the Board�s meeting minutes, along with the rationale for declining it.

Summary
Your security review becomes one of your most valuable loss prevention tools and developing it causes the Security Officer to focus upon real -- and potential -- liabilities. Writing the Annual Security Program report causes the Security Officer to justify and explain comments and recommendations. Delivering the report to the institution's Board of Directors educates the Board members about security issues.

The Security Officer always serves at the request of the institution�s Board of Directors. The Security Officer is obligated to furnish the Board with sufficient information to allow it to make intelligent and informed decisions about the initial and continuing development and implementation of the institution's Security Program. The Board has a limited obligation to comply with the Security Officer�s requests, however.

First published on BankersOnline.com 1/07

Open the newly required
"UAD" .XML appraisals
Download Free UAD Reader

Privacy Policy Disclaimer Recommend This Site ! Contact Us

BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.