04/06/2009
03/16/2009
A big part of our IT Security budget is spent on GLBA compliance. Are we doing something wrong?
03/16/2009
An examiner (FDIC) found that we should have a formal referral system for reporting what is suspected to be suspicious activity to me, the BSA Officer. She suggested that I create a form available to all employees to be completed by any employee who sees what he or she considers suspicious activity. Does such a form exist and if so, where can I find it? If not, what information would you think I need to include in the form?
03/09/2009
How can a bank achieve assured compliance given the constrained information security budgets today?
01/12/2009
A banker was dismissed for dishonesty and has since applied for employment at another bank. Should we inform the other bank of his or her past?
12/08/2008
Among credit risk, market risk and operational risk, developing a good operational risk management program seems to be the most challenging. Can't our existing compliance processes (e.g., AML, Red Flags, GLBA, etc.) contribute to operational risk management?
11/17/2008
Are government agents or law enforcement employees exempt from providing their personal information for CIP when they open accounts?
11/10/2008
Should training on our business continuity plan be separated into two training sessions? For example, should we conduct one for management / supervisory positions on how to execute the BCP and another for non-management / supervisory positions on whom to contact during a disaster?
09/29/2008
Where can I find a specific reference showing the requirements for annual background checks on employees?
09/01/2008
I have attended the Security Institute and have a question. Should security know if an employee is going through a foreclosure? In these desperate times people may become capable of desperate measures, but their personal privacy is also important. How do we handle this from a security standpoint?