R. Kinney Williams & Associates
R. Kinney Williams
& Associates

Internet Banking News

December 3, 2000

FYI - The FDIC, together with the other federal regulators of banks, thrifts and credit unions, issued guidance on managing the risk exposure an institution faces when it uses outside firms for technology. http://www.fdic.gov/news/news/financial/2000/fil0081.html 

INTERNET SECURITY - We continue our review of the FDIC paper "Risk Assessment Tools and Practices or Information System Security." 

To ensure the security of information systems and data, financial institutions should have a sound information security program that identifies, measures, monitors, and manages potential risk exposure. Fundamental to an effective information security program is ongoing risk assessment of threats and vulnerabilities surrounding networked and/or Internet systems. Institutions should consider the various measures available to support and enhance information security programs. The appendix to this paper describes certain vulnerability assessment tools and intrusion detection methods that can be useful in preventing and identifying attempted external break-ins or internal misuse of information systems. Institutions should also consider plans for responding to an information security incident.

FYI - The entire FDIC Information System Security paper can be found
at http://www.fdic.gov/news/news/financial/1999/fil9968.html.  

INTERNET COMPLIANCE - Truth in Lending Act (Regulation Z)

The commentary to regulation Z was amended recently to clarify that periodic statements for open-end credit accounts may be provided electronically, for example, via remote access devices. The regulations state that financial institutions may permit customers to call for their periodic statements, but may not require them to do so. If the customer wishes to pick up the statement and the plan has a grace period for payment without imposition of finance charges, the statement, including a statement provided by electronic means, must be made available in accordance with the "14-day rule," requiring mailing or delivery of the statement not later than 14 days before the end of the grace period.

Provisions pertaining to advertising of credit products should be carefully applied to an on-line system to ensure compliance with the regulation. Financial institutions advertising open-end or closed-end credit products on-line have options. Financial institutions should ensure that on-line advertising complies with the regulations. For on-line advertisements that may be deemed to contain more than a single page, financial institutions should comply with the regulations, which describe the requirements for multiple-page advertisements.

 

PLEASE NOTE:  Some of the above links may have expired, especially those from news organizations.  We may have a copy of the article, so please e-mail us at examiner@yennik.com if we can be of assistance.  

Back Button

Company Information
Yennik, Inc.

4409 101st Street
Lubbock, Texas 79424
Office 806-798-7119
Examiner@yennik.com

 

Please visit our other web sites:
VISTA penetration-vulnerability testing
The Community Banker - Bank FFIEC & ADA Web Site Audits
Credit Union FFIEC & ADA Web Site Audits - Bank Auditing Services
US Banks on the Internet  
US Credit Unions on the Internet

All rights reserved; Our logo is registered with the United States Patent and Trademark Office.
Terms and Conditions, Privacy Statement, Copyright Yennik, Incorporated