November 5, 2000
FYI - Holidays Observed by the Federal Reserve, 2001-05 http://www.bog.frb.fed.us/Releases/K8/default.htm
FYI - Notice of Consumer Consent Requirements Applicable to the Electronic Delivery of Consumer Disclosures
The Electronic Signatures in Global and National Commerce Act (E-Sign Act), signed into law on June 30, 2000, provides a general rule of validity for electronic records and signatures for transactions in or affecting interstate or foreign commerce. Subject to certain exceptions, the law's effective date is October 1, 2000, with record retention requirements effective beginning March 1, 2001.
FYI - The OCC's "Community Bank Consumer Compliance" booklet updates the 1995 edition. Its introduction explains which banks are subject to the booklet's procedures and how examiners set the scope of a community bank's consumer compliance examination.
INTERNET SECURITY - We continue our review of the OCC Bulletin about Infrastructure Threats and Intrusion Risks. This week we review Testing.
Management should ensure that information system networks are tested regularly. The nature, extent, and frequency of tests should be proportionate to the risks of intrusions from external and internal sources. Management should select qualified and reputable individuals to perform the tests and ensure that tests do not inadvertently damage information systems or reveal confidential information to unauthorized individuals. Management should oversee the tests, review test results, and respond to deficiencies in a timely manner. In accordance with OCC's "Technology Risk Management: PC Banking," management should ensure that an objective, qualified source conducts a penetration test of Internet banking systems at least once a year or more frequently when appropriate.
INTERNET COMPLIANCE - Equal Credit Opportunity Act (Regulation B)
The regulations clarifies the rules concerning the taking of credit applications by specifying that application information entered directly into and retained by a computerized system qualifies as a written application under this section. If an institution makes credit application forms available through its on-line system, it must ensure that the forms satisfy the requirements.
The regulations also clarify the regulatory requirements that apply when an institution takes loan applications through electronic media. If an applicant applies through an electronic medium (for example, the Internet or a facsimile) without video capability that allows employees of the institution to see the applicant, the institution may treat the application as if it were received by mail.