During a recent audit, we noticed one of the Internet domain names registered to the bank was displaying a website provided by the registrar (Network Solutions).  Upon discussing this issue with the bank, they told me they had registered the name because they use it internally as their Active Directory domain name and did not want anybody else registering the public name.  So the bank’s IT vendor dutifully registered the name, but did not do anything with it as far as pointing it to an existing bank website or an “under construction” site.  As a result the registrar parked the domain name and displayed an advertisement website.  The advertisements were for Gucci, Wells Fargo, Bank of America, etc.  The bank was not very happy when they found out their domain was being used to advertise other banks.

Declaring that “the American people will never again be asked to foot the bill for Wall Street’s mistakes,” President Obama signed the 2300-page Dodd-Frank Wall Street Reform and Consumer Protection Act into law today.  The American Bankers Association (ABA) and Independent Community Bankers of America (ICBA) have released similar statements declaring that core provisions in the new legislation provide the much-needed reform that banks have long supported, but they are leery of the seemingly unrelated regulations added to the bill during its journey from inception to signing.

Some highlights of the Dodd-Frank Act include:

• Creating the Consumer Financial Protection Bureau with the authority to write new rules for mortgages, credit cards, payday loans, and other consumer products
• Increasing FDIC protection to $250,000
• Enhancing the authority of the Fed and other bank regulators to examine and take enforcement action against non-bank subsidiaries, such as mortgage affiliates
• Eliminating the Office of Thrift Supervision, bringing savings and loan holding company and institution supervision to the Fed, OCC, and FDIC
• Imposing strict controls on large bank holding companies and significant nonbank financial companies
• Prohibiting banks and their affiliates from engaging in proprietary trading and providing strict limits on investment in and sponsoring of hedge and private equity funds
• Allowing merchants to discriminate or discount based on payment type and set minimum payment amounts for acceptance of debit and credit cards
• Subjecting holding companies to new “source of strength” rules regarding their depository institution subsidiary

Most provisions will be enacted immediately, but many have delayed effective dates. Read More...

The Federal Financial Institutions Examination Council (FFIEC) issued an updated Retail Payment Systems Booklet.  The booklet is part of the IT Examination Handbook series and provides guidance to examiners, financial institutions, and technology service providers (TSPs) on identifying and controlling risks associated with retail payment systems and related banking activities.  To download the booklet and associated workprogram, visit http://www.ffiec.gov/ffiecinfobase/html_pages/it_01.html

CoNetrix is pleased to announce the release of tandem, new security and compliance software.  tandem was developed to help financial institutions complete and maintain an Information Security Program (per GLBA and the Interagency Guidelines Establishing Information Security Standards).  While tandem was designed as a complete solution from the ground up, it was fashioned into modules which allow for versatility.  The modules include risk assessment, policies, vendor management, and business continuity planning.  Each module was released as it was completed.

To read the full press release, visit http://news.yahoo.com/s/prweb/20100216/bs_prweb/prweb3598024_2

After installing ARTA Deposit on a virtual Windows XP system running user could connect and access all the data. The problem was the bank employees could not preview or print any forms. After a little investigation I called ARTA support. I went through all the normal steps of checking folder permissions and basic troubleshooting before being handed to a 2nd tier support tech. The tech asked me to check the permissions of the Component Services. I navigated to [Control Panel\Administrative Tools\Component Services]. I then went to “My Computer”, in the Microsoft Management Console, right clicked and selected “Properties”.  Read More...

The American Bankers Association (ABA) has published a news release warning its members of a fraudulent email attack, an attack commonly referred to as phishing.  According to the ABA, the emails inform recipients that an “unauthorized transaction” has been charged to their account using their “bank card.”  The amount of the transactions is typically between $3,000 and $7,000.

In the news release, the ABA states they would never contact a consumer and ask for financial information.

To read the news release from the ABA, visit http://www.aba.com/Pressrss/012610FraudulentEmails.htm

The Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Independent Community Bankers Association (ICBA), along with a variety of payment systems industry partners, are planning a Cyber Attack against Payment Processes (CAPP) exercise.  the three-day exercise is scheduled for February 9-11 and will simulate a different attack scenario each day.  There is no charge to participate in this exercise.  The deadline to register is January 29th.  To read more or register, visit http://www.fsisac.com/capp/.

The National Credit Union Administration (NCUA) issued an advisory warning that CDs with malware are being mailed to Credit Unions claiming to be training materials.

See http://www.ncua.gov/news/press_releases/2009/MR09-0825a.htm for the alert.

CoNetrix is pleased to announce the CoNetrix Information Security Risk Assessment software and Business Continuity Planning (BCP) software are candidates for the BankNews 2009 Innovative Solutions Award.

The Innovative Solutions Award, sponsored by BankNews, recognizes companies that have introduced or enhanced a product or service designed to help banks better serve their customers.  Entries are divided into four categories:

1. Architectural/Equipment Solutions
2. Consulting/Outsourcing/Training Solutions
3. Management Software Solutions
4. Online/Remote/Mobile Solutions

The CoNetrix Risk Assessment tool is listed under the category 2 "Consulting/Outsourcing/Training Solution", and the BCP tool is listed under the category 3 "Management Solutions".

To vote now, go to http://www.banknews.com/2009-Entries.704.0.html

To learn more about the Innovative Solutions Award, visit http://www.banknews.com/

The FDIC Board of Directors just concluded their special meeting to discuss the Special Assessment Final Rule.  The FDIC Board elected to change the following:Read More...

We continue to hear positive things from many of our customers (community banks) - many have plenty of money to lend (but only to qualifying customers) - we have even visited with a few banks that are trying to send back the "bailout" money - here is a good article depicting the US community bank - http://www.nytimes.com/2009/05/17/magazine/17wwln-rendon-t.html?_r=2&ref=magazine

The FTC has delayed the enforcement of the new "Red Flags Rule" again.  The new enforecement date is now extended to August 1, 2009.  This does NOT affect other federal agencies' enforcement of the original November 1, 2008 dealine (i.e. FDIC, OCC, Federal Reserve, OTS, NCUA).

To read the Press Release visit http://www.ftc.gov/opa/2009/04/redflagsrule.shtm