22 October 2017
visit www.response.ncr.com

US regulators warn banks of technology risks

30 November 2000  |  3031 views  |  0 US regulators warn banks of technology risks

US bank regulators have issued guidance to banks on the management of risk arising from reliance on third-party technology suppliers.

The Federal Financial Institutions Examination Council, which issued the guidance, says it is intended to assist financial institutions in effectively managing the risks of outsourcing arrangements. The FFIEC notes that institutions outsource a wide range of technology services that include aggregation, digital certification, security monitoring, information and transaction processing and settlement activities to support banking functions.

"However, responsibility for managing the risks associated with those products or activities cannot be outsourced," the Council warns.

The FFIEC expects the boards of directors and senior management of financial institutions to directly oversee and manage outsourcing relationships. It says financial institutions should institute an outsourcing process that includes:
* a risk assessment to identify the institution's needs and requirements;
* proper due diligence to identify and select a provider;
* written contracts that clearly outline duties, obligations and responsibilities of the parties involved; and
* ongoing oversight of outsourcing technology services.

The guidance encourages managers to consider additional risk-management controls when services involve the use of the Internet.

"The Internet, with its broad geographic reach, ease of access and anonymity, requires institutions' close attention to maintaining secure systems, detecting intrusions, developing reporting systems, and verifying and authenticating customers," the guidance note states.

In addition, the regulators believe that the emergence of new startup service companies with limited experience, resources and knowledge of the regulated financial services environment should heighten the importance of effective risk-management practices.


Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Bank of England warns on payment system risks

Bank of England warns on payment system risks

30 November 2000  |  3474 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
visit www.vasco.comvisit www.atos.netvisit www.innotribe.com

Top topics

Most viewed Most shared
Mastercard to roll out blockchain APIMastercard to roll out blockchain API
11471 views comments | 17 tweets | 24 linkedin
HSBC partners Bud for open banking trialHSBC partners Bud for open banking trial
11284 views comments | 22 tweets | 27 linkedin
satelliteGates Foundation backs Ripple collaboratio...
9291 views comments | 13 tweets | 10 linkedin
Sibos 2017: API or the highwaySibos 2017: API or the highway
8370 views comments | 10 tweets | 22 linkedin
IBM uses blockchain to improve cross-border payments processingIBM uses blockchain to improve cross-borde...
8336 views comments | 9 tweets | 18 linkedin

Featured job

Competitive base + commission + benefits
New York City, NY - USA

Find your next job