R. Kinney Williams & Associates
R. Kinney Williams
& Associates

Internet Banking News

April 22, 2001

FYI CLIENTS - The Federal Trade Commission is celebrating the first anniversary of a law designed to protect children's privacy by cracking down on three companies that collected information about minors without parental consent. http://news.cnet.com/news/0-1005-200-5666843.html?tag=mn_hd 

INTERNET COMPLIANCE - Non-Deposit Investment Products

Financial institutions advertising or selling non-deposit investment products on-line should ensure that consumers are informed of the risks associated with non-deposit investment products as discussed in the "Interagency Statement on Retail Sales of Non Deposit Investment Products." On-line systems should comply with this Interagency Statement, minimizing the possibility of customer confusion and preventing any inaccurate or misleading impression about the nature of the non-deposit investment product or its lack of FDIC insurance.

1) Not FDIC Insured 2) No Bank Guarantee 3) May Lose Value

We have been informed that the FDIC membership advertising and the above disclaimer should NOT be on the same web page. In addition, the disclaimer format disclosures should be boxed, set in bold face type, and displayed in a conspicuous manner.

INTERNET SECURITY - The regulatory agencies are concerned about financial institutions protecting their Internet domain names. This is the last of a two part Financial Institution Letter from the FDIC:

Possible Resolutions

Depending on the nature of the problem involving a bank's domain name, management may pursue various courses of action. Legal recourse may be available under the Anti-Cybersquatting Consumer Protection Act, 15 U.S.C. 1125(d), which prohibits registering or using a domain name that is confusingly similar to another name, with the intent to profit. Other situations involving Web sites that are used to promote fraud or illegal activity can be addressed under existing laws that address financial fraud and computer crime (e.g., 18 U.S.C. 1101 - Fraud and False Statements, 18 U.S.C. 1030 - Fraud in Connection with Computers, 18 U.S.C. 1343 - Wire Fraud). Banks also are reminded that suspicious activity involving domain names should be reported according to existing instructions for filing Suspicious Activity Reports with their primary federal regulator and law enforcement agencies.

Disputes over domain names can also be handled by private arbitrators. A dispute resolution process, outlined in the Uniform Domain-Name Dispute-Resolution Policy, has been established by the Internet Corporation for Assigned Names and Numbers (ICANN) to deal with conflicts arising over domain name ownership. All registrars in the .com, .net, and .org domains are subject to this policy, the text of which can be accessed at ICANN's Web site at www.icann.org

Security Considerations

It is important that bank management be alert to security considerations regarding domain name servers, which are computers that allow Internet users to locate information and resources on the Internet by domain name. These servers maintain a database of domain names and their corresponding network locations. Unauthorized changes to the server could result in misdirected Internet traffic or obstructed access to a bank's Internet site. While many banks outsource this function to third-party service providers, bank management can ensure that security features are in place and assessed periodically.

Management also can consider security in its communications with the bank's domain name registrar. For example, to prevent unauthorized changes to a bank's domain name information, management can ensure that proper controls are in place for authenticating and authorizing all requests for modifications to its registration.

FYI - On April 16, 2001, OCC released a bulletin on Regulation E--Electronic Fund Transfer Act and related Final Rules and Staff Interpretation. Bulletin: http://www.occ.treas.gov/ftp/bulletin/2001-21.txt 
Final Rule/Interpretation: http://www.occ.treas.gov/ftp/regs/2001-21b.txt 

 

PLEASE NOTE:  Some of the above links may have expired, especially those from news organizations.  We may have a copy of the article, so please e-mail us at examiner@yennik.com if we can be of assistance.  

Back Button

Company Information
Yennik, Inc.

4409 101st Street
Lubbock, Texas 79424
Office 806-798-7119
Examiner@yennik.com

 

Please visit our other web sites:
VISTA penetration-vulnerability testing
The Community Banker - Bank FFIEC & ADA Web Site Audits
Credit Union FFIEC & ADA Web Site Audits - Bank Auditing Services
US Banks on the Internet  
US Credit Unions on the Internet

All rights reserved; Our logo is registered with the United States Patent and Trademark Office.
Terms and Conditions, Privacy Statement, Copyright Yennik, Incorporated