Regulatory Reality:

FDIC


July 6, 2012  3:18 AM

Risk: The core issue behind regulatory requirements



Posted by: David Schneier
assess, assessment, assessments, Audit, audits, bank, banking, banks, compliance, compliant, control, credit union, credit unions, CU, enterprise risk, enterprise risk management, ERM, exam, examination, examinations, examiner, exams, FDIC, Federal Reserve Bank, FFIEC, financial institutions, framework, FRB, general controls, GLBA, governance, GRC, guidance, information security, information security office, infrastructure, NCUA, PII, policy, procedure, regulation, regulations, regulations audit, risk assessment, risk assessments, Risk IT, risk management, risk rating, risk-based, risks, threats, vendor, Vendor Management, vendor risk, vendor risk assessment

There's a joke of sorts within my personal circle of family and friends regarding what it is that I do these days.  Ask me and I'll tell you that I'm a regulatory compliance expert who advises financial institutions on how to comply with the myriad rules and regulations governing information...

January 8, 2012  9:27 PM

Maintaining compliance is often the Missing Link.



Posted by: David Schneier
assess, assessment, Audit, compliance, exam, examination, examiner, FDIC, GLBA, NCUA, regulations, regulatory, Regulatory Compliance, risk, risk assess, risk assessment

I've been in the solutions selling business on and off for about a decade but exclusively so over these past four years.  Up until becoming a partner in my current practice I pretty much was always only involved in helping sell the solution and usually implementing it before moving on.  Seldom...


November 18, 2011  12:22 PM

Why vendor management is a big GLBA deal.



Posted by: David Schneier
assessment, Audit, compliance, FDIC, Federal Reserve Bank, FRB, GLBA, NCUA, OCC, OTC, regulations, regulatory, Regulatory Compliance, risk, risk assessment, vendor, Vendor Management, vendor risk, vendor risk rating

I don't think I'm due to post about vendor management again at least until January 2012 (I try to limit topics to twice a year) but I've had something kicking around my head for a few days now and it needs a proper vetting. Does anyone know why vendor management is such a big issue for banking...


October 3, 2011  10:39 PM

Dodd-Frank Section 165(d) : Is this really what was needed?



Posted by: David Schneier
bcp, business continuity, business continuity plan, compliance, Dodd-Frank, FDIC, GLBA, NCUA, regulations, regulatory, Regulatory Compliance, too big too fail

Ever since Dodd-Frank legislation first started rolling down the turnpike towards the banking industry I've been reading and listening to all manner of rhetoric about how none of it's going to solve any problems, that it's going to impede the business of banking and force money to be deposited and...


June 24, 2011  2:43 PM

Is new guidance really new or worth waiting for?



Posted by: David Schneier
cloud, compliance, compliant, FDIC, FFIEC, guidance, NCUA, PCI, regulatory, Regulatory Compliance, regulatory guidance

Oh how the times have changed.  Once upon a time I was part of a group of peers who waited for new album releases, camped out over night for concert tickets and once even waited on line for the annual release of Strat-O-Matic's baseball set (perhaps the nerdiest thing I've ever done).  And all of...


May 8, 2011  4:46 AM

Another data breach? What else is new?



Posted by: David Schneier
breach, compliance, data breach, FDIC, NCUA, regulations, regulatory, Regulatory Compliance

The other day I was watching my cat attempt to catch his own tail. Now I know that by itself it’s not unusual for cats or dogs to attempt such a feat but for this one in particular it was unusual as I’ve never seen him do it before. He’s a remarkably athletic animal and...


April 18, 2011  6:22 PM

Epsilon: Why vendor management is critical.



Posted by: David Schneier
Audit, bank, banking, compliance, FDIC, FFIEC, GLBA, NCUA, regulatory, Regulatory Compliance, requirements, risk, SAS 70, vendor, Vendor Management

A few years back we hired a local painting contractor to do some work around my house.  Upon completing his sales spiel he announced that he often relies upon subcontractors for the less skilled work and wanted to be upfront about that before we entered into any sort of deal with him.  Anyone he...


March 15, 2011  9:58 PM

Is your examiner a friend or foe?



Posted by: David Schneier
Audit, bank, banking, compliance, credit union, CU, exam, examiner, FDIC, GLBA, NCUA, OCC, oversight, regulations, regulatory, Regulatory Compliance

I was catching up on my industry emails the other day and buried in my FDIC email folder was Financial Institution Letter FIL-13-2011, sent out on March 1st. Truthfully I usually pay close attention to their Friday afternoon blasts regarding bank closings and only skim the rest. But this one...


February 10, 2011  4:07 PM

Should banks and social networking coincide?



Posted by: David Schneier
bank, banks, credit union, credit unions, email, Facebook, FDIC, LinkedIn, NCUA, regulations, regulatory, Regulatory Compliance, social network, social networking, tweet, tweeting, Twitter, web

A few weeks back my wife asked me, as a favor, if I could join one of Facebook's community-based games because the more "neighbors" you have, the easier it is to succeed and so I did. Truthfully it was a rare moment of weakness for me because I tend to avoid those sort of things as if it were the...


January 29, 2011  1:34 AM

Regulatory compliance is not easy



Posted by: David Schneier
assessment, Audit, bcp, business continuity plan, disaster recovery, DR, FDIC, GLBA, NCUA, regulations, regulatory, Regulatory Compliance

Something happened within our practice this past week that made me recall a story from the very beginning of my audit and compliance career. Way back in 1998 when I was first transitioning from being an application developer/manager to a compliance/audit professional, my first long term engagement...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: