What regulations outline requirements for shredding of paper documents that are bank, or customer, consumer information?
Don't we do enough already in our compliance efforts for GLBA?
Are Annual Privacy notices for 2013 required to be mailed?
Does Reg. P (Privacy Notice) apply to Commercial Borrowers?
A big part of our IT Security budget is spent on GLBA compliance. Are we doing something wrong?
How can a bank achieve assured compliance given the constrained information security budgets today?
Among credit risk, market risk and operational risk, developing a good operational risk management program seems to be the most challenging. Can't our existing compliance processes (e.g., AML, Red Flags, GLBA, etc.) contribute to operational risk management?
Banks are consistently asked for loan account numbers and pay-off amounts by automobile dealers, insurance companies and other banks that wish to pay off trade-ins, submit insurance payments or to get accurate pay-offs when consumers are refinancing debt. How does the GLBA come into play when a bank receives these requests?
Is it a GLBA violation if a list of loan numbers with the borrower's name next to it is posted on a file cabinet that is visible in an office facility?