What is a loan application?
If we take a loan app over the phone, web page or in person, how long do we have to keep each?
I want to be sure we are correctly handling the annual report that needs to be made on compliance with the Red Flags rule. Two questions: Does the report have to be made to the Board of Directors and what is the content of the report.
marIt’s been about five years since we updated our Red Flags program. Do you think we’re still okay?
If a bank relies on an automated ID verification system for both CIP and red flags compliance and there are red flags associated with the name, date of birth, or social security number that go unresolved, are these CIP violations as well as violations of the bank's identity theft program? We only use the system to verify the identity of customer’s who are new to the bank.
How are banks impacted by the FACT Act?
How can a bank achieve assured compliance given the constrained information security budgets today?
I was at a seminar presented by Jack Holzknecht regarding implementing the new Identity Theft Red Flag and Address Reconcilement Rules. Do we need to monitor each and every address change or be able to sample a number of them and monitor that way?
Among credit risk, market risk and operational risk, developing a good operational risk management program seems to be the most challenging. Can't our existing compliance processes (e.g., AML, Red Flags, GLBA, etc.) contribute to operational risk management?