Archive

Go to:

August 2017
SMTWTFS
12345
6789101112
13141516171819
20212223242526
2728293031
< Jul Sep >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

InfoSight Highlight: Authentication in an Internet Banking Environment
Friday, June 16, 2017 7:00 AM

In October 2005, the FFIEC Agencies (Agencies) issued guidance that provided a risk-management framework for financial institutions offering Internet-based products and services to their members. It stated that institutions should use effective methods to authenticate the identity of customers and that the techniques employed should be commensurate with the risks associated with the products and services offered and the protection of sensitive customer information.

In 2011, the Agencies issued a Supplement to the Guidance to reinforce the risk-management framework and update the Agencies’ expectation regarding customer authentication, layered security, or other controls in the increasingly hostile environment. The supplement reiterates and reinforces the expectations described in the 2005 Guidance that financial institutions should perform periodic risk assessments considering new and evolving threats to online accounts and adjust their customer authentication, layered security, and other controls as appropriate in response to identified risks.

As per the guidance, these risk assessments should be performed each time the credit union adds services through Internet banking or every 12 months. It establishes minimum control expectations for certain online banking activities and identifies controls that are less effective in the current environment. It also identifies certain specific minimum elements that should be part of an institution’s customer awareness and education program.

Source:  InfoSight Compliance.

Need more info on a regular basis? Check out InfoSight, your first stop when searching for compliance answers. InfoSight operates as an online compliance manual at your fingertips, containing federal and state-specific content that is accurate, concise, and detailed on a wide range of topics and issues. Subscribers are able to access easy-to-read compliance summaries, checklists for compliance, direct links to laws and regulations, frequently asked questions, and links to additional important resources, including CUNA's online compliance resource "E-Guide." As part of InfoSight, the League sends out a weekly eNewsletter highlighting regulatory changes, hot topics in compliance, and comment calls.

Subscribe here.