We don't use any kind of "go to assisst" our customers directly on their devices. However I think the compliance issues are going to stem from security.
Can you garauntee a "secure" session?
How will you authenticate that the customer who requests the assistance is the customer you are assisting? (i.e. not a zombie or corrupted device? and not a "fraudster" asking for a assistance?)
Similarly to what should happen when W-K logs into help you, you should be keeping a log of who requested help and who logged in to help, What device and terminal are you logging in to and from; Why you were asked to log in. When did the request happen, when did you log in, and how long you were logged in. Most importantly for the log is logging WHAT you did while fixing the problem... with fairly specific detail...
Will you be finishing or processing any transactions that you troubleshoot?
Are you originating or authorizing any transactions you create to resolve the problem?
Will you be able to materially impact the account of the customer you are assisting?
What is your feeling towards Reg E errors should you process transactions that you were not authorized to do by the customer?
Who has oversight of this program inside the bank?
Who will the bank hire or utilize to perform these tasks?
What will the bank do to audit the usage of the program?
I mean to be honest the list of concerns you should consider is extensive, however they can all be mitigated effectively. The questions I listed here are the ones that pop to mind when I think about what I would want to see if presented with a similar choice... However to reaffirm, we do not currently have any system like this in place, so take my thoughts for what they are worth.
In life, there is a lot less that could get better and a lot more that could get worse.
MBA Fin/MBS HR
My views only!