Internet Banking News

July 11, 1999

1) This week the FDIC issued a lengthy paper on Information System Security Issues. This 16 page document covers information security program, risk assessment, vulnerability of assessment tools, penetration analysis, intrusion detection systems, and incident response. If you have not seen this paper, you will find it at

If you like, I will be happy to e-mail you a copy. Please send me an e-mail and indicate Word or WordPerfect format.

COMMENT: Since Y2K is winding down, Internet security is becoming a big issue with the bank examiners. Be sure that your Internet policy has a complete section dealing with security. In addition, you need to perform security checks of your server or your third party Internet banking provider at least annually. If I can be of assistance to your bank by conducting your Internet security review, please give me a call.

2) Expedited Funds Availability Act (Regulation CC) - Generally, the rules pertaining to the duty of an institution to make deposited funds available for withdrawal apply in the electronic financial services environment. This includes rules on funds availability schedules, disclosure of policy, and payment of interest.

Recently, the FRB published a commentary that clarifies requirements for providing certain written notices or disclosures to customers via electronic means. Specifically, the commentary to 229.13(g)-1a states that a financial institution satisfies the written exception hold notice requirement, and the commentary to 229.15(a)-1 states that a financial institution satisfies the general disclosure requirement by sending an electronic version that displays the text and is in a form that the customer may keep. However, the customer must agree to such means of delivery of notices and disclosures.

Information is considered to be in a form that the customer may keep if, for example, it can be downloaded or printed by the customer. To reduce compliance risk, financial institutions should test their programs' ability to provide disclosures in a form that can be downloaded or printed.

COMMENT: When your web page addresses transactional deposit accounts, there should be a link to your funds availability policy. Section 229.1 can be found at

Back Button

Go to the Bank Web Site Audit home page.

Company Information
Yennik, Inc.

4409 101st Street
Lubbock, Texas 79424
Office 806-798-7119


Please visit our other web sites:
VISTA penetration-vulnerability testing
The Community Banker - Bank FFIEC & ADA Web Site Audits
Credit Union FFIEC & ADA Web Site Audits - Bank Auditing Services
US Banks on the Internet  
US Credit Unions on the Internet

All rights reserved; Our logo is registered with the United States Patent and Trademark Office.
Terms and Conditions, Privacy Statement, Copyright Yennik, Incorporated