|
January 1, 2001
Our readers agreed that the "hot issues" will be consumer compliance and disclosures on web pages, consumer privacy, predatory lending, due diligence audits of data centers, and Internet/network security. The follow represent some of the comments we received:
1) State legislatures will address customer privacy and possibly predatory lending
2) Consumer Compliance Disclosures, with special attention to the Internet
3) Information Security and Penetration Testing
4) Intrusion Detection Systems
5) Developing concentrations from lending out of traditional trade areas and collateral control issues from lending out of area
6) Equal Credit and Fair Lending Issues
7) The customer's right to "opt out" before the bank shares customer information
8) Website compliance with Regulation E and due diligence analysis of risks, customer information security, and internal controls
9) Encrypted data
10) Bank Secrecy Act - due diligence
11) Unfair and deceptive practices in solicitations and disclosures
12) Payday lending and other kinds of predatory/sub prime lending activities
13) Intrusion testing related to internet, network, and intranet security
14) With the economy slowing down and a recession likely, the examiners will look closer at credit risks
15) Vendor management practices that include bank management's oversight of all critical vendors (not just Internet). Oversight would include obtaining audits, penetration tests, disaster recovery plans / tests, etc., as well as financial information.
As we go through the new year, we hope that our readers, both bankers and examiners, will share information about web site compliance and Internet/network security. We will share this information in our e-newsletter to help our readers comply with the various Internet compliance issues as well as provide current information about Internet/network security. We always keep your name and the bank information confidential.
With our many years of examining experience, we can provide Your Bank's Internet auditing requirements that follow the regulatory guidelines. These audits include web site audit compliance, Internet/network security audit, intrusion/vulnerability testing, and due diligence audits of your data center and Internet banking providers. In the near future, we will offer a privacy policy audit to ensure that the bank is complying with its privacy statement, which is required by the regulations. Jack, to schedule your audit needs, please contact me at
examiner@yennik.com or call 806-798-7119.
A special THANK YOU to those readers that took time to respond to our survey about the examiners' "Hot Issues" for 2001.
|
