Answer:
In some cases yes, the guidance is quite prescriptive, which can be alarming for institutions that aren’t meeting the expectations. In other cases the guidance is vague. Overall, the expectation is that the bank measures its own unique risks based on the products and services it offers, then define appropriate controls and test those controls regularly. The guidance will also prove useful for institutions considering enhanced mobile services in the future.
Some risks that a bank should understand and consider aren’t covered in this version of the guidance, such as risks associated with your customer’s use of public Wi-Fi. We’ll explore what’s covered in the guidance and what is not, so that your due diligence and risk management program is robust.
-----------------------------
Learn more about Rayleen Pirnie’s webinar Mobile Services Risk Management
print
share