Tag Archives: FFIEC

FFIEC Proposes Social Media Guidance

On January 22, 2013, the Federal Financial Institutions Examination Council proposed guidance on the applicability of consumer protection and compliance laws, regulations, and policies to activities conducted via social media by depository institutions.  The proposed guidance would not impose additional compliance obligations on institutions.  Instead, the guidance is intended to help financial institutions understand potential … Continue Reading

FDIC Official Discusses Implementation of FFIEC Authentication Guidance

In an interview with Information Security Media Group, William Henley, Associate Director of the Federal Deposit Insurance Corporation’s (FDIC) Technology Supervision Branch, discussed the status of the banking industry’s implementation of FFIEC authentication guidance released in July 2011.  Henley generally said that the industry was working towards compliance and offered that FDIC examiners at this stage … Continue Reading

FFIEC Issues Risk Management Guidance for Cloud Computing

On July 10, the Federal Financial Institutions Examination Council (FFIEC) issued risk management guidance for depository institutions’ use of cloud computing.  The guidance defines cloud computing generally as “a migration from owned resources to shared resources in which client users receive information technology services, on demand, from third-party service providers via the Internet ‘cloud.’”  The guidance also … Continue Reading

Settlement Reached in Data Security Breach Lawsuit Against Bank

Yesterday, Village View, Inc. reached a settlement with Professional Business Bank, a California state-chartered bank subject to regulation by the Federal Deposit Insurance Corporation (FDIC), over the company’s lawsuit against the bank arising from a data security breach.  In March 2010, Village View lost nearly $400,000 after the company’s bank account was compromised by hackers.  … Continue Reading

FFIEC Authentication Guidance to be a Hot Topic in 2012

Last year, the Federal Financial Institutions Examination Council (FFIEC) released a much-anticipated supplement to its Authentication in an Internet Banking Environment guidance.  The supplement updates the FFIEC’s supervisory expectations regarding depository institutions’ customer authentication, layered security, and other controls for Internet banking.  Starting this year, FFIEC information technology examinations will include reviews for compliance with … Continue Reading

FFIEC Releases Supplement to Authentication Guidance

The Federal Financial Institutions Examination Council (FFIEC) released the long-awaited supplement to its authentication guidance, Authentication in an Internet Banking Environment.  The supplement represents the most current and authoritative guidance regarding data security in connection with online banking platforms.  Here are a few highlights of the supplement: Financial institutions should perform periodic risk assessments that … Continue Reading
LexBlog