October 29, 2000
FYI - The Federal Reserve Bank of Chicago and the U.S. Department of the Treasury recently launched a new Web site designed to help financial industry professionals provide affordable and convenient financial services to individuals who do not currently have accounts at banks or other institutions.
FYI - In a report released by the Electronic Banking Group of the Basel Committee on Banking Supervision, international bank supervisors agreed that the accelerating pace of technological innovation demands a cooperative approach to the supervision of electronic banking to avoid conflicting regulation among different countries and supervisors.
OCC press release - http://www.occ.treas.gov/ftp/release/2000-82.txt
Basel Committee report - http://www.bis.org/publ/bcbs76.htm
FYI - Even Microsoft gets hacked. http://www.bankwebsiteaudits.com/article10-28-00.htm
FYI - The OCC issued a cease and desist order, by consent to Net First National Bank, Boca Raton, Florida. Article VI of the C&D refers to "web advertisement or solicitation," and "changes in web application sites." This is one of the first C&D that we know about that has to do with Internet banking. The bank's web page is at http://www.net1stnationalbank.com/ and the C&D is at
FYI - More National Banks Offer Internet Services, But Active On-Line Customers Are Few - The number of national banks that allow customers to conduct financial transactions on their internet sites increased 52 percent from September 1999 to July 2000, according to analysis conducted by bank examiners from the Office of the Comptroller of the Currency (OCC). Thirty-two percent of national banks had transactional Web sites in July compared to 21 percent in September 1999.
OCC press release - http://www.occ.treas.gov/ftp/release/2000-84.txt
INTERNET SECURITY - We continue our review of the OCC Bulletin about Infrastructure Threats and Intrusion Risks. This week we review Suspicious Activity Reporting.
National banks are required to report intrusions and other computer crimes to the OCC and law enforcement by filing a Suspicious Activity Report (SAR) form and submitting it to the Financial Crimes Enforcement Network (FinCEN), in accordance with 12 USC 21.11. This reporting obligation exists regardless of whether the institution has reported the intrusion to the information-sharing organizations discussed below. For purposes of the regulation and the SAR form instructions, an "intrusion" is defined as gaining access to the computer system of a financial institution to remove, steal, procure or otherwise affect information or funds of the institution or customers. It also includes actions that damage, disable, or otherwise affect critical systems of the institution. For example, distributed denial of service attacks should be reported on a SAR because they may temporarily disable critical systems of financial institutions.
INTERNET COMPLIANCE - Reserve Requirements of Depository Institutions (Regulation D)
Pursuant to the withdrawal and transfer restrictions imposed on savings deposits, electronic transfers, electronic withdrawals (paid electronically) or payments to third parties initiated by a depositor from a personal computer are included as a type of transfer subject to the six transaction limit imposed on passbook savings and MMDA accounts.
Institutions also should note that, to the extent stored value or other electronic money represents a demand deposit or transaction account, the provisions of Regulation D would apply to such obligations.
Consumer Leasing Act (Regulation M)
The regulation provides examples of advertisements that clarify the definition of an advertisement under Regulation M. The term advertisement includes messages inviting, offering, or otherwise generally announcing to prospective customers the availability of consumer leases, whether in visual, oral, print, or electronic media. Included in the examples are on-line messages, such as those on the Internet. Therefore, such messages are subject to the general advertising requirements.