If you're a national bank and you have a safety and soundness exam scheduled to take place soon, you'll want to make sure your IT staff is aware of the scrutiny they will be under.
Consistent with the new OCC 2001 Community Bank Supervision Booklet (don't you love it when the regulators refer to something that's 156 pages long as a "booklet"?), examiners will now be reviewing a national bank's information technology as part of a safety and soundness exam. The OCC has integrated the review of technology into the core assessment in two ways. First, examiners will consider the effect of technology on each area they review, especially its effect on the accuracy, reliability, and timeliness of automated reports used in the bank's risk management process. Second, examiners will assess the potential impact of technology on each of the nine OCC-defined risks.
Technological risk is not defined as a separate category of risk, but OCC notes that because risks are interdependent, a single weakness in technology can increase risk in several risk categories. For example, a weakness in Internet banking controls
could lead to increased fraud (i.e., transaction risk). If this fraud becomes public knowledge, reputation risk may also increase. The bank's tarnished reputation can increase the cost of funding or reduce funding's availability (i.e., liquidity and interest rate risks).
We've been noticing an increase in the number of regulatory enforcement orders that relate to IT weaknesses, so take special care to ensure your information technology area is strong.
BankersOnline is a free service made possible by the generous support of our
advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all
banking professionals. Support our advertisers and sponsors by clicking
through to learn more about their products and services.
Print Friendly!
Email This Article!
Discuss NOW!
