www.e-businessmanagement.com 2004 © Dr. John T. Whiting All Rights Reserved Slide 1 Achieving Compliance with GBLA & Other Laws and Regulations Impacting.


Slide 1: Achieving Compliance with GBLA & Other Laws and Regulations Impacting on Financial Institutions
A Check List and Strategy for Financial Institution Senior Managers & Boards of Directors

Slide 2: Federal Law and Regulation

Slide 3: Achieving Compliance is a Challenging Task…

Slide 4: Laws & Regulations Governing Financial Institutions

Laws:
• 12 USC 146 (d): Home Owners’ Loan Act
• 12 USC 1867 (c): Bank Service Company Act
• 12 USC 1882: Bank Protection Act
• 15 USC 6801 and 6805 (b): Gramm-Leach-Bliley Act

Federal Reserve Board:
• 12 CFR Part 208, Appendix D-2: Interagency Guidelines Establishing Standards for Safeguarding Customer Information
• 12 CFR Parts 211.9 and 211.24(i): Protection of customer information
• 12 CFR Part 225, Appendix F: Interagency Guidelines Establishing Standards for Safeguarding Customer Information

Federal Deposit Insurance Corporation:
• 12 CFR Part 364, Appendix A: Interagency Guidelines Establishing Standards for Safety and Soundness
• 12 CFR Part 364, Appendix B: Interagency Guidelines Establishing Standards for Safeguarding Customer Information

National Credit Union Administration:
• 12 CFR Part 721: Federal Credit Union Incidental Powers Activities
• 12 CFR Part 748: Security Program, Report of Crime and Catastrophic Act, Bank Secrecy Act Compliance, and Appendix A – Guidelines for Safeguarding Member Information
• 12 CFR Part 716: Privacy of Consumer Financial Information
• 12 CFR Part 741: Requirements for Insurance
• 12 CFR Part 740: Advertising

Office of the Comptroller of the Currency:
• 12 CFR Part 30, Appendix A: [Interagency] Guidelines Establishing Standards for Safety and Soundness
• 12 CFR Part 30, Appendix B: [Interagency] Guidelines Establishing Standards for Safeguarding Customer Information

Office of Thrift Supervision:
• 12 CFR Part 570, Appendix A: Interagency Guidelines Establishing Standards for Safety and Soundness
• 12 CFR Part 570, Appendix B: Interagency Guidelines Establishing Standards for Safeguarding Customer Information

Slide 5: Policy Change
Escalation of IT Management to the Strategic Business Level
• IT regarded as a tactical asset and managed at the tactical/technical level by IT Managers.
• IT integrated into the strategic business plan and managed by the CEO and the Financial Institution’s Board of Directors.

Slide 6: Financial Institution Laws and Regulations Compliance Check List
• Is the Financial Institution (FI) fully aware of the Laws and Regulations that must be complied with?
• Does the FI have a policy defining the process for achieving compliance with laws and regulations?
• Does the FI have a process to determine the financial institution’s status and vulnerability regarding compliance with laws and regulations?
• Has the FI conducted a full enterprise audit of the institution’s status of compliance?
• Has the FI collected valid audit data and analyzed these data to measure the discrepancy between compliance requirements and the financial institution’s status?
• Has the FI adopted a Laws & Regulations Compliance Plan (LRCP) to guide the compliance effort, define projects and budget resources to achieve compliance?
• Has the LRCP been integrated into the FI strategic plan?
• Has the LRCP been implemented?
• Are the outcomes measured by formative and summative evaluation?
• Is the FIGCP ongoing, with refinement and upgrades based on continuous status monitoring, assessment and prioritizing as a routine part of the strategic plan?

Slide 7: The E-BMC Model for Achieving Compliance

Phase I: Baseline Company Audit to Identify Government Regulation Compliance Status:
• Business Policy Status
• Technology/User Status
• Compliance status
Discovery of Compliance Status, Discrepancy Analysis and Needs Assessment

Phase II: FI Government Compliance Plan (FIGCP) Development and Targeting of Compliance Priorities
Diagnosis of Status, FIGCP Development & Priority Targeting

Phase III: Prescription of Priority Compliance Targets Projects
Priority Compliance Project Identification Within Key Business Functions & Across the Enterprise

Phase IV: Priority Compliance Project Implementation & Formative Evaluation
Implementation of Priority Projects, Formative Evaluation to Document Progress based on FIGCP

Phase V: Priority Project Completion, Summative Evaluation and Status Re-assessment
Completion of Priority Compliance Projects, Summative Evaluation and Documentation to Meet Reporting Requirements

Note: The process is continuous and integrated into the strategic planning and budgeting process!

Slide 8: Partnering with E-BMC to Achieve FI Compliance
The Advantages:
• The FI can take immediate action, directed by an expert partner, to design, direct, lead staff and monitor the FI’s compliance program
• A compliance program, based on the E-BMC Methodology, that is compatible with and easily integrated into the FI’s strategic business plan and budgeting process
• A compliance plan based on FI’s staff involvement, yielding increased staff awareness, capacity to follow laws and regulations, and use of FI resources
• A highly cost-effective alternative to outsourcing compliance work to a third-party accounting, auditing or service provider outside of the FI.

Slide 9: Interested in more information…
Contact Dr. John T. Whiting at:
john.whiting@e-businessmanagement.com
973-764-0375
15 Village Way – Suite F-6
Vernon, NJ 07462