15 December 2017
visit http://response.ncr.com

US regulators warn banks of technology risks

30 November 2000  |  3047 views  |  0 US regulators warn banks of technology risks

US bank regulators have issued guidance to banks on the management of risk arising from reliance on third-party technology suppliers.

The Federal Financial Institutions Examination Council, which issued the guidance, says it is intended to assist financial institutions in effectively managing the risks of outsourcing arrangements. The FFIEC notes that institutions outsource a wide range of technology services that include aggregation, digital certification, security monitoring, information and transaction processing and settlement activities to support banking functions.

"However, responsibility for managing the risks associated with those products or activities cannot be outsourced," the Council warns.

The FFIEC expects the boards of directors and senior management of financial institutions to directly oversee and manage outsourcing relationships. It says financial institutions should institute an outsourcing process that includes:
* a risk assessment to identify the institution's needs and requirements;
* proper due diligence to identify and select a provider;
* written contracts that clearly outline duties, obligations and responsibilities of the parties involved; and
* ongoing oversight of outsourcing technology services.

The guidance encourages managers to consider additional risk-management controls when services involve the use of the Internet.

"The Internet, with its broad geographic reach, ease of access and anonymity, requires institutions' close attention to maintaining secure systems, detecting intrusions, developing reporting systems, and verifying and authenticating customers," the guidance note states.

In addition, the regulators believe that the emergence of new startup service companies with limited experience, resources and knowledge of the regulated financial services environment should heighten the importance of effective risk-management practices.


Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Bank of England warns on payment system risks

Bank of England warns on payment system risks

30 November 2000  |  3493 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
visit www.response.ncr.comvisit www.aciworldwide.comvisit www.thomsonreuters.info

Top topics

Most viewed Most shared
Deutsche Bank paper hails 'huge' blockchain potentialDeutsche Bank paper hails 'huge' blockchai...
10352 views comments | 17 tweets | 25 linkedin
satelliteRipple completes XRP Lockup
9681 views comments | 3 tweets | 2 linkedin
PSD2: Laying the regulatory foundation for a new age in paymentsPSD2: Laying the regulatory foundation for...
9104 views comments | 17 tweets | 36 linkedin
Alior Bank to use Open API platform and accelerator to create fintech marketplaceAlior Bank to use Open API platform and ac...
7672 views comments | 20 tweets | 11 linkedin
Australian Government amends AML rules to cover digital currenciesAustralian Government amends AML rules to...
7297 views comments | 15 tweets | 24 linkedin

Featured job

Competitive package
New York City, NY - USA

Find your next job