R. Kinney Williams & Associates
R. Kinney Williams
& Associates

Internet Banking News

May 19, 2002

FYI  - OCC Issues Final Rule on Electronic Banking - The Office of the Comptroller of the Currency published a final rule today that will facilitate the use of electronic technologies by national banks, consistent with safety and soundness.
Attachment: www.occ.treas.gov/ftp/release/2002-44.txt
Attachment: www.occ.treas.gov/ftp/release/2002-44a.pdf

FYI -
Specially Designated Nationals and Blocked Persons - On May 3, 2002, Treasury's Office of Foreign Assets Control (OFAC) amended its list of Specially Designated Nationals and Blocked Persons by adding nine names of Specially Designated Global Terrorists. Assets belonging to these individuals and entities must be blocked immediately. www.fdic.gov/news/news/financial/2002/fil0246.html

FYI - Financial Action Task Force Guidance for Financial Institutions in Detecting Terrorist Financing - This advisory letter transmits the Financial Action Task Force's (FATF) "Guidance for Financial Institutions in Detecting Terrorist Financing," dated April 24, 2002. www.occ.treas.gov/ftp/advisory/2002-4.txt  
FATF web site http://www1.oecd.org/fatf/ 

FYI
- The Justice Department is investigating a group of the world's largest banks for allegedly using their online trading service to restrict competition in the foreign-currency market, a report Wednesday said.  http://news.com.com/2100-1017-913934.html?tag=cd_mh 

INTERNET COMPLIANCE
Reserve Requirements of Depository Institutions (Regulation D)

Pursuant to the withdrawal and transfer restrictions imposed on savings deposits, electronic transfers, electronic withdrawals (paid electronically) or payments to third parties initiated by a depositor from a personal computer are included as a type of transfer subject to the six transaction limit imposed on passbook savings and MMDA accounts.

Institutions also should note that, to the extent stored value or other electronic money represents a demand deposit or transaction account, the provisions of Regulation D would apply to such obligations. 

Consumer Leasing Act (Regulation M)

The regulation provides examples of advertisements that clarify the definition of an advertisement under Regulation M. The term advertisement includes messages inviting, offering, or otherwise generally announcing to prospective customers the availability of consumer leases, whether in visual, oral, print, or electronic media. Included in the examples are on-line messages, such as those on the Internet. Therefore, such messages are subject to the general advertising requirements.


INTERNET SECURITY
- We continue the series  from the FDIC "Security Risks Associated with the Internet."  While this Financial Institution Letter was published in December 1997, the issues still are relevant.


Utilization of the Internet presents numerous issues and risks which must be addressed. While many aspects of system performance will present additional challenges to the bank, some will be beyond the bank's control. The reliability of the Internet continues to improve, but situations including delayed or misdirected transmissions and operating problems involving Internet Service Providers (ISPs) could also have an effect on related aspects of the bank's business. 

The risks will not remain static. As technologies evolve, security controls will improve; however, so will the tools and methods used by others to compromise data and systems. Comprehensive security controls must not only be implemented, but also updated to guard against current and emerging threats. Security controls that address the risks will be presented over the next few weeks.

SECURITY MEASURES

The FDIC paper discusses the primary interrelated technologies, standards, and controls that presently exist to manage the risks of data privacy and confidentiality, data integrity, authentication, and non-repudiation.


Encryption, Digital Signatures, and Certificate Authorities 


Encryption techniques directly address the security issues surrounding data privacy, confidentiality, and data integrity.  Encryption technology is also employed in digital signature processes, which address the issues of authentication and non-repudiation.  Certificate authorities and digital certificates are emerging to address security concerns, particularly in the area of authentication.  The function of and the need for encryption, digital signatures, certificate authorities, and digital certificates differ depending on the particular security issues presented by the bank's activities.  The technologies, implementation standards, and the necessary legal infrastructure continue to evolve to address the security needs posed by the Internet and electronic commerce.


PRIVACY EXAMINATION QUESTION - We continue our series listing the regulatory-privacy examination questions.  When you answer the question each week, you will help ensure compliance with the privacy regulations.

Content of Privacy Notice

13. If the institution does not disclose nonpublic personal information, and does not reserve the right to do so, other than under exceptions in 14 and 15, does the institution provide a simplified privacy notice that contains at a minimum: 

a. a statement to this effect;

b. the categories of nonpublic personal information it collects;

c. the policies and practices the institution uses to protect the confidentiality and security of nonpublic personal information; and

d. a general statement that the institution makes disclosures to other nonaffiliated third parties as permitted by law? [6(c)(5)]

(Note: use of this type of simplified notice is optional; an institution may always use a full notice.)

 

PLEASE NOTE:  Some of the above links may have expired, especially those from news organizations.  We may have a copy of the article, so please e-mail us at examiner@yennik.com if we can be of assistance.  

Back Button

Company Information
Yennik, Inc.

4409 101st Street
Lubbock, Texas 79424
Office 806-798-7119
Examiner@yennik.com

 

Please visit our other web sites:
VISTA penetration-vulnerability testing
The Community Banker - Bank FFIEC & ADA Web Site Audits
Credit Union FFIEC & ADA Web Site Audits - Bank Auditing Services
US Banks on the Internet  
US Credit Unions on the Internet

All rights reserved; Our logo is registered with the United States Patent and Trademark Office.
Terms and Conditions, Privacy Statement, Copyright Yennik, Incorporated