In January 2012, FFIEC examiners will be formally assessing financial institutions' adherence to the new FFIEC "Supplement to Authentication in an Internet Banking Environment" guidelines. Is your organization ready? The following check list outlines some of the fundamental requirements of the new FFIEC Authentication...
The FFIEC Authentication Guidance update is out, and third-party service providers need to begin reviewing their internal systems and communicating with their financial institution customers, says Wells Fargo Bank's Phil Alexander.
Banking institutions have a lot to do in order to prepare for the Jan. 2012 deadline to conform with the new FFIEC authentication guidance, and former banking regulator William Henley has one, simple piece of advice: start now.
"We're continually testing our controls and the effectiveness of our controls. We do a lot of emerging-threats monitoring ... so we can react," says First Niagara's Joe Rogalski.
Organizations taking proper preventative measures realize a cost savings of nearly 25 percent over those that don't, an analysis of a survey sponsored by Hewlett-Packard reveals. Still, the study shows, it takes longer to resolve cyberattacks than it did a year ago.
Despite previously announced plans to appeal last month's ruling in the ACH fraud lawsuit filed by Experi-Metal Inc., Comerica Bank now says it has resolved to pay the $560,000 in damages and close the case.
Corporate account takeover events are reigniting the debate between banks and their former commercial customers, about everything from fraud liability and the "good faith" standard to commercially reasonable security.
With the issuance of the final FFIEC Authentication Guidance, institutions need to start moving forward on conformance, and taking a risk-focused approach is the first step, says Matthew Speare, SVP of IT for M&T Bank Corp.
Two electronic health records pioneers that already have earned federal EHR incentive payments stress that a robust risk management program should be an essential component of any movement from paper to electronic records.
It's the new conventional wisdom: all computer networks will be attacked.
For Phyllis Schneck, that means organizations must be resilient, keeping computers functioning even when they're under assault.
On June 28, the FFIEC released its final, formal version of its Authentication Guidance. Not even one month later, we've created three new training programs to help banking institutions understand and conform with the guidance.
You don't need to agree with assailants' motivation, most of us don't. But you must understand what's behind their action to help defend against their intrusions.
In a merger, it's important for both organizations to have strong communication and data protection processes in place, says Phil Romero, senior security architect of First Technology Federal Credit Union. His institution just led a $4.75 billion merger.
It's not enough for banking institutions to conform to the FFIEC Authentication Guidance update. They also must ensure that their key vendors meet the same standards, says Philip Alexander of Wells Fargo Bank.
Former banking regulator William Henley has simple advice for banking institutions wondering how to comply with the new FFIEC authentication guidance update: "Start immediately, develop a plan, and document your progress."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.