Skip to content

Banker's Toolbox Announces — ACQUISITION OF LOAN LOSS RESERVE POWERHOUSE, MAINSTREET TECHNOLOGIES
Banker's Toolbox, Inc., leaders in compliance solutions for financial institutions, announced the acquisition of Georgia-based MainStreet Technologies (MST). MST is an industry leader in the loan risk management space. This acquisition adds to a strong and growing portfolio of compliance-related solutions and will continue to enhance the value Banker's Toolbox brings to both their customers and the industry. (Read full press release here.)

Top Story Technology Related

07/18/2019

FTC: Does COPPA Rule need changes?

The Federal Trade Commission is requesting comments on the effectiveness of the amendments the agency made to the Children’s Online Privacy Protection Rule (COPPA Rule) in 2013 and whether additional changes are needed. The COPPA Rule, which first went into effect in 2000 to implement the Children’s Online Privacy Protection Act, requires certain websites and other online services that collect personal information from children under the age of 13 to provide notice to parents and obtain verifiable parental consent before collecting, using, or disclosing personal information from those children. Specific questions on which the FTC is seeking comment include:

  • Has the Rule affected the availability of websites or online services directed to children?
  • Does the Rule correctly articulate the factors to consider in determining whether a website or online service is directed to children, or should additional factors be considered? For example, should the Rule be amended to better address websites and online services that may not include traditionally child-oriented activities, but have large numbers of child users?
  • What are the implications for COPPA enforcement raised by technologies such as interactive television, interactive gaming, or other similar interactive media?
  • Should the Commission consider a specific exception to parental consent for the use of education technology in schools?
  • Should the Commission modify the Rule to encourage general audience platforms to identify and police child-directed content uploaded by third parties?

07/17/2019

Business email compromise attempts hit $301M a month

FinCEN has issued a report warning that manufacturing and construction firms are top targets for business email compromise attacks. The number of suspicious activity reports describing business email compromise (BEC) incidents reported monthly has grown rapidly, averaging nearly 500 per month in 2016, and above 1,100 per month in 2018. The total value of attempted BEC thefts, as reported in SARs, climbed to an average of $301 million per month in 2018 from only $110 million per month in 2016. For portions of this report, FinCEN analyzed randomly selected, statistically representative samples of SAR narratives on BEC incidents filed in 2017 and 2018 to assess BEC trends and methods.

FinCEN has established an exchange forum that focuses on BEC scams and issued an updated advisory [FIN-2019-A005] on email compromise fraud schemes that target vulnerable business processes.

07/16/2019

Protecting your bank from phishing attempts

FRBservices.org's July 15 FED360° newsletter includes an article, "Gone phishing—Tips to help protect your organization from phishing attempts." Phishing is used by threat actors in attempts to acquire sensitive information using a fraudulent solicitation, via email or on a website (or through text messages) in which the fraudster poses as a legitimate business or reputable person. The article offers tips to help protect banks and other organizations from phishing attempts:

  • Educate your staff on what phishing is, how to spot it and how/where to report it when it occurs.
  • Consider having occasional "testing" phishing exercises.
  • Have clear and well documented policies on how to manage phishing attempts to ensure staff respond appropriately
  • When possible, use technology to aid in the identification of phishing emails though the classification of internal versus external email sources
  • Add warning messages to the header of all incoming emails from external senders, alerting employees to review external messages with extra care
  • Maintain contemporary anti-virus and anti-malware scanning software to offer additional protections in the event staff inadvertently click on suspicious links embedded in the body of an email
  • Stay on top of the evolving phishing tactics by consulting with your information security staff to monitor trends and adjust internal policies and procedures accordingly
  • Restrict or remove email and web browsing on systems routinely used for payments processing

07/10/2019

White paper on synthetic ID fraud

The Federal Reserve's FedPayments Improvement Task Force has released Synthetic Identity Fraud in the U.S. Payment System—A Review of Causes and Contributing Factors, a white paper on the growing problem of synthetic identity fraud in the U.S. payment system. The paper is a compilation of insights from Federal Reserve and industry subject matter experts. It’s intended to be a resource for industry professionals on the current state of synthetic identity fraud, including the scope of the issue, causes, contributing factors and its impact on the payments industry.

06/26/2019

New crackdown on illegal robocalls

The FTC and its law enforcement partners have announced a major crackdown on illegal robocalls, including 94 actions targeting operations around the country that are responsible for more than one billion calls pitching a variety of products and services including credit card interest rate reduction services, money-making opportunities, and medical alert systems. The joint crackdown, “Operation Call it Quits,” is part of the Commission’s ongoing effort to help stem the tide of universally loathed pre-recorded telemarketing calls. It also includes new information to help educate consumers about illegal robocalls. In addition, the FTC continues to promote the development of technology-based solutions to block robocalls and combat caller ID spoofing.

06/26/2019

FDIC statement on 'Overseeing The Fintech Revolution'

In testimony before the House Task Force on Financial Technology of the Committee on Financial Services, the FDIC submitted a statement for the record entitled "Overseeing the Fintech Revolution: Domestic and International Perspectives on Fintech Regulation," which discussed using technology to meet consumers' needs and improving the supervisory process, technology and the business of banking, the FDIC’s role in fostering innovation, and the FDIC tech lab. It concluded by saying that often regulatory agencies play "catch up" with technological advancements and their impact on regulated entities and consumers. The FDIC's goal is to reverse that trend through increased collaboration and partnership with the industry. Working together, the FDIC can help increase the velocity of transformation, while ensuring that banks continue to operate in a safe and sound manner and consumers remain protected.

06/24/2019

OCC moving to electronic fingerprinting

OCC Bulletin 2019-29, issued Friday, announces that the OCC is moving to electronic fingerprinting to facilitate background checks performed in connection with applications and notices submitted to the OCC, including applications for charters, notices of acquisition of control, and notices to replace board members or senior management in certain institutions. The OCC will begin using the new process in July 2019.

In coordination with these changes, the OCC has issued revisions to the “Background Investigations” and “Changes in Directors and Senior Executive Officers” booklets of the Comptroller’s Licensing Manual to incorporate updated procedures and requirements for electronic fingerprinting.

06/21/2019

EU-US statement on security threats

At the conclusion of the E.U.-U.S. Ministerial Meeting on Justice and Home Affairs in Bucharest, Romania, a joint statement was issued regarding E.U.-U.S. cooperation in addressing common security threats. E.U. and U.S. representatives affirmed that fighting terrorism is among their top priorities and committed to enhance their joint efforts, including by expanding the sharing of information gathered in zones of combat for use in investigations and prosecutions. The E.U. and the U.S. also discussed the priority area of security in cyberspace. Participants committed to further joint efforts to maintain a safe, open, and secure cyberspace, and exchanged views on how to best address growing cyber threats.

06/17/2019

OCC schedules two workshops in Boston

Two compliance and operational risk workshops will be hosted by the OCC at its Boston Field Office, on July 30 and 31, for directors of national community banks and federal savings associations it supervises.

  • The Compliance Risk workshop on July 30 focuses on the critical elements of an effective compliance risk management program and on major compliance risks and critical regulations. Topics of discussion include the Bank Secrecy Act, Flood Disaster Protection Act, Fair Lending, Home Mortgage Disclosure Act, Community Reinvestment Act, and other compliance hot topics.
  • The Operational Risk workshop on July 31 focuses on the key components of operational risk—people, processes, and systems. The workshop also covers governance, third-party risk, vendor management, internal fraud, and cybersecurity.

06/13/2019

McWilliams addresses CATO Summit attendees

In remarks at the CATO Summit on Financial Regulation: “If You Build It, They Will Come” in Washington, D.C., FDIC Chairman McWilliams discussed:

  • The regulatory framework and innovation
  • Benefits of innovation
  • Benefits of banking
  • The FDIC and innovation
  • Small-dollar lending
  • Reducing regulatory burden
  • De novo banks

Pages

Training View All

Penalties View All

Search Top Stories