19 March 2018
visit www.nextgenbanking.co.uk

US regulators warn banks of technology risks

30 November 2000  |  3080 views  |  0 US regulators warn banks of technology risks

US bank regulators have issued guidance to banks on the management of risk arising from reliance on third-party technology suppliers.

The Federal Financial Institutions Examination Council, which issued the guidance, says it is intended to assist financial institutions in effectively managing the risks of outsourcing arrangements. The FFIEC notes that institutions outsource a wide range of technology services that include aggregation, digital certification, security monitoring, information and transaction processing and settlement activities to support banking functions.

"However, responsibility for managing the risks associated with those products or activities cannot be outsourced," the Council warns.

The FFIEC expects the boards of directors and senior management of financial institutions to directly oversee and manage outsourcing relationships. It says financial institutions should institute an outsourcing process that includes:
* a risk assessment to identify the institution's needs and requirements;
* proper due diligence to identify and select a provider;
* written contracts that clearly outline duties, obligations and responsibilities of the parties involved; and
* ongoing oversight of outsourcing technology services.

The guidance encourages managers to consider additional risk-management controls when services involve the use of the Internet.

"The Internet, with its broad geographic reach, ease of access and anonymity, requires institutions' close attention to maintaining secure systems, detecting intrusions, developing reporting systems, and verifying and authenticating customers," the guidance note states.

In addition, the regulators believe that the emergence of new startup service companies with limited experience, resources and knowledge of the regulated financial services environment should heighten the importance of effective risk-management practices.


Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Bank of England warns on payment system risks

Bank of England warns on payment system risks

30 November 2000  |  3542 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
Visit http://info.nice.comVisit www.vasco.comVisit www.nextgenbanking.co.uk

Top topics

Most viewed Most shared
Can banks be a threat to Big Tech?Can banks be a threat to Big Tech?
9051 views comments | 28 tweets | 39 linkedin
Indian fintech sector needs regulatory support to flourishIndian fintech sector needs regulatory sup...
8465 views comments | 9 tweets | 8 linkedin
BIS warns central banks on digital currency issuanceBIS warns central banks on digital currenc...
7239 views comments | 18 tweets | 17 linkedin
Barclays propels Coinbase into Faster PaymentsBarclays propels Coinbase into Faster Paym...
7185 views comments | 15 tweets | 29 linkedin
AI augmenting compliance processesAI augmenting compliance processes
6920 views comments | 3 tweets | 5 linkedin

Featured job

Competitive base + commission + benefits
UK or Germany

Find your next job