Between the potential for customer files and account trials to walk away and the possible introduction of viruses, I am curious as to what kinds flash drive controls (if any) are being implemented and/or if regulators have started questioning this.
Our external auditor has requested that we create a firewall policy. I certainly wouldn't know where to begin. Does anybody have or know where I can get a template for a firewall policy?
Is accidentally exposing the incorrect check images to customers via online banking considered a reportable event for information security and privacy purposes? I am thinking that it is, since users can save the images to their desktop or other device. The check images are not images of the online banking user's checks, but of other customers' checks that contain bank account number, name, address and a signature.
Regarding automated telephone banking systems, customers can currently inquire (get account balance and info) by phone with their account number and last four digits of their SSN. If they want to transfer funds between their accounts, they must complete an application. My bank wants to give automatic access to transfers too. I'm concerned about Reg E issuing access device rules. Is calling the number and following the steps, "requesting" the access? We have new operations personnel who say all banks do this automatically. Other banks don't have customers fill out a form or call and talk to someone, it is all done through the automated phone system. Does this comply?
When an investigation into alleged suspicious activity by a customer is determined not to be suspicious, how long must the records be kept?
Our bank is second in a participation loan. Do we have to obtain identification and CIPs for the guarantors?
This section of The SAR Activity Review focuses on patterns of BSA reporting, specifically as it relates to mortgage loan fraud, as well as trends in how financial institutions file their BSA repor
Do tellers need to run an OFAC check on a non-customer that comes in to cash a check on a customer’s account? The checks range anywhere from $5.00 to over $2500.00.
We have a loan to a corporation that has four guarantors, two of which happen to be corporations themselves. Are we required to perform CIP for loan guarantors? Are we going to need a corporate borrowing resolution for the two corporations that are guarantors?
How can the bank cut cost in risk and compliance management for third parties?