08/04/2003
I am in the process of revamping the policies for our IT department. These policies include Information Security Program, Internet Usage, E-Risk, Disaster Recovery, On-Line Privacy, EDP/End User, and Electronic Banking. Do you have any suggestions on where I can get templates for these policies?
08/04/2003
As it relates to IT examinations, what are the top "hot buttons" for regulators?
08/04/2003
Our bank is going to start offering online loan applications for customers to print, fill out and send in for home mortgages. Do we have to give any disclosures out on the Web site to customers printing up a loan application? We will also be taking applications for new accounts online. To stay in compliance with the CIP regulation, will they have to come into the bank for the account to be opened? Do we have to have the disclosures online or can they be given to the customer when the customer comes into the branch?
06/16/2003
Are we required under the Privacy Act to post the short notice for Privacy on an ATM for non-customers that use our machines?
05/05/2003
If a financial institution's privacy notice states that they do not disclose any nonpublic personal information except as authorized by law, do they have to place that disclosure at their ATMs?
04/21/2003
If we continually post our privacy policy on our website, are we required to send e-statement customers an annual notification that our statement is available for review on our website?
02/17/2003
An issue has come up a couple times in the recent past: Our customers are sending emails directly to our employees, especially our commercial customers. The emails are not encrypted or password protected and they often contain non-public information - loan requests, updates on rent rolls, financial information on their company. Our customers want us to communicate in email form. We offer email that is encrypted via our Internet banking product. However, the lenders are telling me that their customers will not go through the inconvenience of logging in to Internet banking to communicate. Our Privacy Policy does extend beyond the minimum requirements of GLB; we opted to include commercial customers under the privacy blanket. Our E:Banking Policy does not address communication of non public information via email (incoming or outgoing). Does anyone have a practical solution to this growing concern?
02/01/2003
- Only about 10% of the people that report identity theft are senior citizens (in their study, people over 60) and of those, 52% involved credit cards.
01/01/2003
- Only about 10% of the people that report identity theft are senior citizens (in their study, people over 60) and of those, 52% involved credit cards.
10/14/2002
Business Case Estimates New Banking Industry Revenue of $1 Billion in 5th Year from Internet Payment and Authentication Services