Skip to content

Privacy & Monitoring Service Providers

Answered by: 

Question: 
How do banks intend to monitor their service providers to confirm that they are maintaining appropriate security measures to safeguard the bank's customer information? We are looking for a practical, reasonable way to do this.
Answer: 

Step one is to provide in your contracts that you have the ability to monitor the service providers. The contracts should include your ability to monitor or audit their work.

When you review their practices, you need to be able to do more than review the results of their own audits. You need to be able to perform you own.

Realistically, this could become overwhelming. There are several trends afoot to make this manageable. First, some banks are banding together to share the audit responsibilities. This might be co-ordinated through a users group. Also, some banks are contracting with outside audit or consulting groups to perform audits, again for a group of banks rather than one at a time with each footing the entire bill.

There is also the possibility that the regulatory agencies will step into this arena as they did for Y2K. But don't hold your breath too long waiting for that.

First published on BankersOnline.com 8/6/01

First published on 08/06/2001

Filed under: 
Filed under operations as: 
Filed under security as: 

Banker Store View All

From training, policies, forms, and publications, to office products and occasional gifts, it’s available here:

Banker Store

hot right now

image description

Looking for effective, convenient training on a particular subject?

BOL Learning Connect offers more than 200 courses ON-DEMAND or on CD ROM from AML to Reg Z and every topic in between.

Search Topics