Skip to content

Exception Tracking Spreadsheet (TicklerTrax™)
Downloaded by more than 1,000 bankers. Free Excel spreadsheet to help you track missing and expiring documents for credit and loans, deposits, trusts, and more. Visualize your exception data in interactive charts and graphs. Provided by bank technology vendor, AccuSystems. Download TicklerTrax for free.

Click Now!


Top Story Security Related

10/25/2024

CFPB: Third-party reports on workers subject to FCRA

The CFPB has issued Consumer Financial Protection Circular 2024-06, "Background Dossiers and Algorithmic Scores for Hiring, Promotion, and Other Employment Decisions," presenting the question: "Can an employer make employment decisions utilizing background dossiers, algorithmic scores, and other third-party consumer reports about workers without adhering to the Fair Credit Reporting Act (FCRA)?"

The guidance warns that companies using third-party consumer reports — including background dossiers and surveillance-based, “black box” AI or algorithmic scores about their workers — must follow FCRA rules. This means employers must obtain worker consent, provide transparency about data used in adverse decisions, and allow workers to dispute inaccurate information.

PUBLICATION INFO: Published 11/12/2024 at 89 FR 88875. The circular was released by the CFPB on its website on 10/24/2024.

10/24/2024

FinCEN fines hotel and casino $900K for BSA violations

Yesterday, FinCEN announced it has assessed a $900,000 civil money penalty against Sahara Dunes Casino, LP DBA Lake Elsinore Hotel and Casino (Lake Elsinore) for willful violations of the Bank Secrecy Act and its implementing regulations.

As part of its resolution with FinCEN, Lake Elsinore admitted to willful violations of the BSA, including failing to implement and maintain an effective AML program, failing to file currency transaction reports (CTRs) and suspicious activity reports (SARs), and certain recordkeeping failures. Lake Elsinore’s willful violations of the BSA, which continued for over four and a half years, resulted from decisions made by the card club’s management. In addition to the civil money penalty, Lake Elsinore will also be subject to an AML program review.

10/24/2024

FinCEN alert to financial institutions concerning Hizballah financing

FinCEN has announced it has issued alert FIN-2024-Alert003 to financial institutions to counter financing of Hizballah and its terrorist activities. The alert was issued to help financial institutions identify funding streams supporting the Iran-backed Lebanese militia and U.S.-designated Foreign Terrorist Organization (FTO) Lebanese Hizballah. This alert supplements the information related to Hizballah’s financing outlined in FinCEN’s 2024 Advisory on Iran-Backed Terrorist Organizations.

10/23/2024

SEC charges four companies with misleading cyber disclosures

The Securities and Exchange Commission has announced charges against four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions. The SEC also charged Unisys with disclosure controls and procedures violations. The companies agreed to pay the following civil penalties to settle the SEC’s charges:

  • Unisys — $4 million
  • Avaya — $1 million
  • Check Point — $995,000
  • Mimecast — $990,000

The charges against the four companies result from an investigation involving public companies potentially impacted by the compromise of SolarWinds’ Orion software and by other related activity. According to the SEC’s orders, Unisys, Avaya, and Check Point learned in 2020, and Mimecast learned in 2021, that the threat actor likely behind the SolarWinds Orion hack had accessed their systems without authorization, but each negligently minimized its cybersecurity incident in its public disclosures.

10/23/2024

FSB chair calls for effective implementation of agreements

The Financial Stability Board has published a letter from its Chair, Klaas Knot, to G20 finance ministers and central bank governors ahead of their October meeting. The letter outlines the work the FSB has undertaken on financial innovation, payments systems, and operational resilience. It also introduces the reports the FSB is submitting to the G20 addressing these issues, including: The Financial Stability Board is an international body that monitors and makes recommendations about the global financial system.

10/22/2024

CFPB finalizes Personal Data Rights Rule

This morning, the CFPB announced it has finalized a rule designed to give consumers greater rights, privacy, and security over their personal financial data. The rule will require financial institutions, credit card issuers, and other financial providers to unlock an individual’s personal financial data and transfer it to another provider at the consumer’s request for free.

The Bureau said that consumers will be able to more easily switch to providers with superior rates and services, and, by fueling competition and consumer choice, the rule will help lower prices on loans and improve customer service across payments, credit, and banking markets. The rule also establishes strong privacy protections, requiring that personal financial data can only be used for the purposes requested by the consumer. It ensures that third parties cannot use consumer data for other purposes that benefit the third party, but that consumers do not want. It also helps move the industry away from “screen scraping,” a still common but risky practice that typically involves consumers providing their account passwords to third parties who use them to access data indiscriminately through online banking portals.

Compliance with the rule, which amends 12 CFR Part 1033, will be implemented in phases, with larger providers subject to the rule sooner than smaller ones. Financial firms will be required to comply based on their size; the largest institutions will have to comply by April 1, 2026, while the smallest covered institutions will have until April 1, 2030. Certain small banks and credit unions are not subject to this rule.

  • Executive Summary of Rule
  • Published 11/18/2024 at 89 FR 90838, with an effective date of 1/17/2024.
  • Compliance dates: Data providers must comply with the requirements in 12 CFR part 1033, subparts B and C beginning April 1, 2026; April 1, 2027; April 1, 2028; April 1, 2029; or April 1, 2030, based on the criteria set forth in § 1033.121(c).

10/22/2024

OCC finalizes revisions to recovery planning guidelines

The OCC has reported it has finalized revisions to its recovery planning guidelines for certain large insured national banks, federal savings associations, and federal branches (banks).

The revisions to the recovery planning guidelines are part of the OCC’s effort to ensure that large banks are adequately prepared for and have developed plans to respond to the financial effects of severe stress, particularly in light of the contagion effects and systemic risks they may pose.

The revisions:

  • Expand the recovery planning guidelines to apply to banks with at least $100 billion in assets
  • Incorporate a testing standard for recovery plans
  • Clarify the role of non-financial risk (including operational and strategic risk) in recovery planning
  • Provide covered banks with time frames in which to comply with the recovery planning guidelines, including development of a testing framework and conducting testing

The revisions, published in today's Federal Register at 89 FR 84255, are effective on January 1, 2025, with staggered compliance dates. They will apply to insured national banks, insured Federal savings associations, and insured Federal branches of foreign banks with average total consolidated assets of $100 billion or more.

10/22/2024

FTC report on scams and older adults

The Federal Trade Commission has released its annual report to Congress on the Commission’s recent efforts to protect older adults.

This year’s report describes new scam and fraud trends, FTC cases and rulemakings impacting older adults, and updates on its Pass It On and other outreach programs.

10/21/2024

FinCEN posts 2023 SAR filing trend data

FinCEN has added Filing Trend Data by industry updated through the 2023 calendar year to its Interactive SAR Stats website. The new downloadable data is arranged by industry type, and includes rankings by states/territories and suspicious activities.

10/18/2024

OCC announces enforcement actions

The OCC has released enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with banks the OCC supervises.

  • Formal Agreement with Axiom Bank, N.A., Maitland, Florida, for unsafe or unsound practices, including those related to the bank’s Bank Secrecy Act/Anti-Money Laundering (BSA/AML) compliance program and violations of 12 CFR 21.21(d)(1) and (d)(3) (BSA/AML internal controls and BSA officer).
  • Formal Agreement with First National Bank of Dennison, Dennison, Ohio, for unsafe or unsound practices, including those related to board and management oversight, credit underwriting, and credit administration.
  • Formal Agreement with First National Bank of Lake Jackson, Lake Jackson, Texas, for unsafe or unsound practices, including those related to strategic and capital planning, liquidity risk management, and interest rate risk management.
  • Formal Agreement with The First National Bank of Waverly, Waverly, Ohio, for unsafe or unsound practices, including those relating to strategic planning, capital planning, and liquidity risk management.
  • The previously announced Cease and Desist Order and Civil Money Penalty against TD Bank, N.A., Wilmington, Delaware, and TD Bank USA, N.A., Wilmington, Delaware, for deficiencies in the banks’ BSA/AML compliance program.
  • Orders of Prohibition against—
    • Tanya Jazmin Cortez, former Teller and Concierge at Los Angeles County, California, branches of Citibank, N.A., Sioux Falls, South Dakota, for selling confidential bank customer information to a third party, resulting in check fraud and a loss to the bank of approximately $348,000.
    • Alexis LeaAnne Day (f/k/a Alexis LeaAnne Adcock), former Client Relationship Consultant at a Clarksville, Tennessee, branch of U.S. Bank, N.A., Cincinnati, Ohio, for misappropriating approximately $10,000 from a bank ATM.
    • Leronne D. Kornegay, former Associate Banker at a Brooklyn, New York, branch of JPMorgan Chase Bank, N.A., Columbus, Ohio, for engaging in a scheme to steal bank funds and falsely reporting the receipt of counterfeit bills in the bank’s general ledger. The bank suffered a loss of at least $201,000.
    • Lexus Inez Lewis, former Fraud Operations Specialist, at a Jacksonville, Florida, branch of Citibank, N.A., Sioux Falls, South Dakota, resolving the Notice of Charges, in which the OCC alleged, among other things, that Lewis made false representations in her employment application and became employed at the bank in violation of federal law; caused fraudulent transactions totaling at least $389,000 to incur on bank customers’ credit card accounts; and kept bank equipment without authorization. Lewis consented to the Order without admitting or denying the allegations in the Notice.

Pages

Training View All

Penalties View All

Search Top Stories