Compliance and Regulation for Mobile Solutions Amanda J. Smith Messick & Lauer, P.C. May 16, 2013.


1 Compliance and Regulation for Mobile Solutions Amanda J. Smith Messick & Lauer, P.C. May 16, 2013

2 Overview
- E-Sign Act
- Uniform Electronic Transactions Act
- Electronic document retention
- Remote deposit capture compliance and risk management

3 Electronic Signatures in Global and National Commerce Act (E-Sign Act)

4 In General
- Just because a signature, contract, or other document is in electronic form does not mean it is not binding or legal; and
- A contract cannot be deemed unenforceable or invalid solely because an electronic record or signature was used in its formation.

5 E-Sign Requirements
- Consent must be informed – E-Sign disclosures.
- The consumer must have the technological ability to accept the electronic records and you must have proof of this.
- Must obtain the consumer’s consent to accept the records electronically.
- Must provide subsequent disclosures if technology requirements change in a material way.
- Consumer must have the right to withdraw consent prior to receiving the electronic record.

6 E-Sign Disclosures
- Clear and conspicuous;
- Provided before the consumer agrees to accept electronic records;
- Explain what rights the consumer has to obtain the records in paper form;
- Explain the consumer’s right to withdraw consent and the consequences of the withdrawal;
- Describe the extent of the consent granted;
- Delineate the procedures to be followed in the event the consumer chooses to withdraw consent;

7 E-Sign Disclosures – Cont’d
- Tell the consumer the process which should be followed to update his or her contact information;
- Divulge whether the consumer may obtain a paper copy of the electronic record;
- Tell whether there will be a fee assessed for obtaining a paper copy and if the relationship will be terminated upon withdrawal of consent; and
- Describe the hardware and software requirements for access and retention.

8 Exceptions
- Wills, codicils, and trusts.
- Certain areas of the UCC.
- Notices of default, foreclosure, repossession, or eviction.

9 Uniform Electronic Transactions Act

10 What is it?
- Uniform rules to govern transactions in electronic commerce that should serve in every state.
- By adopting the official version of UETA, states have the authority to modify, limit, or supersede some E-Sign provisions, including its consumer protection provisions.
- Forty-seven states, the District of Columbia, Puerto Rico, and the Virgin Islands have adopted it.
- In general, when E-Sign and UETA conflict, UETA governs.

11 What does it say?
- A record or signature may not be denied legal effect or enforceability solely because it is in electronic form.
- A contract may not be denied legal effect or enforceability solely because an electronic record was used in its formation.
- Any law that requires a writing will be satisfied by an electronic record.
- Any signature requirement in the law will be met if there is an electronic signature.

12 Electronic Document Retention

13 Guidance
- Appendix A to Part 749 – Must be accurate, reproducible and accessible to an examiner.
- NCUA Legal Opinion Letter 07-0812
- State law – Retention times
- Federal and state rules of evidence – Use of electronic records in court proceedings.

14 Remote Deposit Capture

15 Risk Management
- FFIEC publication - Risk Management of Remote Deposit Capture
- What are the risks associated with the activity?
- How do you mitigate and control the risks?
- How do you monitor the risks on an ongoing basis?

16 Legal and Compliance Risks
- Check 21 Act, Regulation CC, Regulation J, applicable state laws, account agreements, and clearinghouse rules may apply.
  – Most regulations do not specifically address RDC scenarios (i.e. funds availability); therefore, customer agreements must address them.
- Bank Secrecy Act and Anti-Money Laundering
  – Policies and procedures

17 Customer Agreement
- Roles and responsibilities of the parties, including those related to hardware and software requirements;
- Record retention and disposal requirements;
- Types of items that may be transmitted;
- Processes and procedures that the customer must follow, including image quality;
- Dispute resolution procedures;
- Periodic audits of RDC procedures, if applicable;
- Performance standards for financial institution and customer;

18 Customer Agreement - Continued
- Allocation of liability, warranties, indemnification;
- Funds availability, collateral, and collected funds requirements;
- Governing laws, regulations and rules;
- Authority of the financial institution to mandate specific internal controls at the customer’s locations, audit customer operations, or request additional customer information; and
- Authority of the financial institution to terminate the RDC relationship.

19 Operational Risks
- Fraud – risk is elevated in an RDC environment.
  – Check alteration
  – Forged or missing endorsements
  – Certain security features may be lost
  – Counterfeit
  – Duplicate presentment of checks
- Safety of deposited items held by customers (i.e. Protection of NPPI).
- Proper disposal of deposited items by customers.
- Customer authentication.
- Data security and lack of encryption in the RDC system.
- Reliability of the RDC vendor.
- RDC processes at the consumer’s location.
- Maintaining compatible IT between financial institution, vendor, and consumer.

20 Controlling Operational Risks
- Customer due diligence
- Vendor due diligence
- RDC training for customers
- Business continuity
- Monitoring and reporting
- Change control processes
- Insurance

21 NCUA Supervisory Focus for 2013
- Letter No. 13-CU-01
- Remote deposit capture, online banking, mobile banking, and social media.
- Must implement controls commensurate with the risks involved, in particular ensuring the security and stability of these service delivery channels.

22 Remote Deposit Capture Examination Procedures
- Letter No. 09-CU-07 and enclosure Remote Deposit Capture Questionnaire.
  – Service Delivery Environment
  – Management
  – Strategic Planning / Risk Assessment / Policies and Procedures
  – Due Diligence
  – Vendor / Member / Application Specifications
  – Legal & Compliance / Contracts & Agreements / Internal Audit
  – Operational (Implementation)
  – Fraud

23 Questions? Comments?

24 Thank you! Amanda Smith (610) 892-9000 asmith@cusolaw.com

