Blog Editor

Ann Graham
Associate Professor of Law
Texas Tech Univ School of Law
Profile
Email

Resources

About Banking Law Prof Blog
Email Editor Comments & Content

Find Banking Law Profs
Google Scholar
Law Schools
SSRN

Federal Regulatory Agencies
Office of the Comptroller of the Currency (OCC)
Office of Thrift Supervision (OTS)
Federal Deposit Insurance Corporation (FDIC)
Federal Reserve System
National Credit Union Administration (NCUA)
Federal Financial Institutions Examination Council (FFIEC)
Financial Crimes Enforcement Network (FinCEN)

Trade Associations
American Bankers Association (ABA)
Independent Community Bankers of America (ICBA)
Financial Services Roundtable
Conference of State Bank Supervisors (CSBS)
Consumer Bankers Association (CBA)
Mortgage Bankers Association (MBA)
Credit Union National Association (CUNA)
National Association of Federal Credit Unions (NAFCU)
National Association of State Credit Union Supervisors (NASCUS)
World Council of Credit Unions, Inc. (WOCCU)

Consumer Resources
Federal Trade Commission (FTC)
Center for Responsible Lending
National Consumer Law Center
Consumers Union
ACORN (Association of Community Organizations for Reform Now)
FDIC
OCC
FRB
OTS

Publications
American Banker
Credit Union Times

Congressional & Administrative Resources
U.S. Senate
U.S. House of Representatives
Statutes
Code of Federal Regulations
Federal Register
Important Federal Banking Legislation Listed

Banking Compliance Websites
Federal
BankersOnline
Compliance Headquarters

Free Legal Web Sites
Findlaw
JURIST

Blog Traffic

Since September 26, 2006

Blogware

Powered by TypePad

Notices

© Copyright 2006 by Law Professor Blogs, LLC. All rights reserved.

« Congratulations to Sara Kelsey, New FDIC General Counsel | Main | What Are Those Examiners Thinking? »

January 4, 2007

Exam Heads Up: Full Compliance Required for FFIEC Authentication Requirements

Examiners will be checking for compliance with the FFIEC Guidelines for Authentication in an Internet Banking Environment which were fully effective Dec. 31, 2006.  Each of the Federal Banking Agencies sent out their own announcements of these new requirements in Oct. 2005 -- plenty of lead-time to implement them, but now the compliance examiners will get serious.  These measures offer additional protection from identity theft for banks and their customers.

Key components of the new requirements:

  • Risk assessment
  • Customer education
  • A statement that single-factor authentication will no longer be adequate for high-risk transactions involving access to customer information or funds transfers.

Link to FFIEC Announcement: http://www.ffiec.gov/press/pr101205.htm

FFIEC Guidance:  http://www.ffiec.gov/pdf/authentication_guidance.pdf

FDIC FIL:  http://www.ffiec.gov/ffiecinfobase/resources/info_sec/2006/fdi-fil-103-2005.pdf

OCC:  http://www.ffiec.gov/ffiecinfobase/resources/info_sec/2006/occ-bul_2005-35.pdf

FRB, OTS, and NCUA have similar announcements.

(ag) Jan. 4, 2007, in Examination, Federal Banking Agencies, Identity Theft, Internet Banking

January 4, 2007 in Examination, Federal Banking Agencies, Identity Theft, Internet Banking | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/t/trackback/89778/7376447

Listed below are links to weblogs that reference Exam Heads Up: Full Compliance Required for FFIEC Authentication Requirements:

Comments

Post a comment