R. Kinney Williams & Associates
R. Kinney Williams
& Associates

Internet Banking News

April 1, 2001

INTERNET COMPLIANCE - Electronic Delivery of Federally Mandated Disclosures

The Federal Reserve Board published interim final rules to establish uniform standards for the electronic delivery of federally mandated disclosures under five consumer protection regulations: B (Equal Credit Opportunity), E (Electronic Fund Transfers), M (Consumer Leasing), Z (Truth in Lending), and DD (Truth in Savings).

Under the rules, financial institutions, creditors, lessors, and others may deliver disclosures electronically if they obtain consumers' consent in accordance with the requirements of the Electronic Signatures in Global and National Commerce Act (the "E-Sign Act"), enacted in June 2000. The Board's interim rules provide guidance on the timing and delivery of electronic disclosures, consistent with proposed rules issued by the Board in August 1999, to ensure consumers have adequate opportunity to access and retain the information. http://www.federalreserve.gov/BoardDocs/Press/boardacts/2001/20010329/ 

INTERNET SECURITY - We continue our review of the FFIEC press release "Risk Management of Outsourced Technology Services."

Due Diligence in Selecting a Service Provider

Once the institution has completed the risk assessment, management should evaluate service providers to determine their ability, both operationally and financially, to meet the institution's needs. Management should convey the institution's needs, objectives, and necessary controls to the potential service provider. Management also should discuss provisions that the contract should contain. The appendix to this statement contains some specific factors for management to consider in selecting a service provider.

Contract Issues

Contracts between the institution and service provider should take into account business requirements and key risk factors identified during the risk assessment and due diligence phases. Contracts should be clearly written and sufficiently detailed to provide assurances for performance, reliability, security, confidentiality, and reporting. Management should consider whether the contract is flexible enough to allow for changes in technology and the financial institution's operations. Appropriate legal counsel should review contracts prior to signing.

Institutions may encounter situations where service providers cannot or will not agree to terms that the institution requests to manage the risk effectively. Under these circumstances, institutions should either not contract with that provider or supplement the service provider's commitments with additional risk mitigation controls.

PRIVACY - Fair Credit Reporting Act

The OCC announced that Federal banking agencies have stated that any final Fair Credit Reporting Act rule will not require depository institutions to revise Gramm Leach Bliley Act privacy notices prepared in reliance on existing FCRA law and delivered to consumers before next January. http://www.occ.treas.gov/ftp/release/2001-30.txt 

 

PLEASE NOTE:  Some of the above links may have expired, especially those from news organizations.  We may have a copy of the article, so please e-mail us at examiner@yennik.com if we can be of assistance.  

Back Button

Company Information
Yennik, Inc.

4409 101st Street
Lubbock, Texas 79424
Office 806-798-7119
Examiner@yennik.com

 

Please visit our other web sites:
VISTA penetration-vulnerability testing
The Community Banker - Bank FFIEC & ADA Web Site Audits
Credit Union FFIEC & ADA Web Site Audits - Bank Auditing Services
US Banks on the Internet  
US Credit Unions on the Internet

All rights reserved; Our logo is registered with the United States Patent and Trademark Office.
Terms and Conditions, Privacy Statement, Copyright Yennik, Incorporated