Division of Depositor and Consumer Protection Banker Teleconference Series Third-Party Compliance Risk Management Tuesday, June 5, 2012.

Slides:

Advertisements

Similar presentations

HIGH-RISK: FOREIGN CORRESPONDENT BANKING

Advertisements

Depository Institutions

Depository Institutions

The Fair Trading Act and Credit 2011 Service Alberta.

RESERVE BANK OF INDIA. Developments in Payment and Settlement Systems Introduction of MICR Introduction of MICR Electronic Funds Transfer.

Identifying and Mitigating UDAP Risk Chicago Region Regulatory Compliance Call December 17, 2014.

Since 2011 credit unions have been increasingly engaging in private student lending: Private student loan funding has grown 33%, from $1.5 Billion to.

Identity Theft “Red Flags” Rules Under the FACT Act Reid Fudge CISSP, CISA Pulte Mortgage, LLC November 2008.

1 Credit card operation and the recent CardSystems incident HONG KONG MONETARY AUTHORITY 4 July 2005.

Check 21 and Image Exchange

Depository Institutions Take Charge of Your Finances.

OLA {DRAFT} BEST PRACTICES Revised 6/25/2013. Payments Landscape Update Ever increasing scrutiny and pressure from every agency OCC (J LaRoche, May, 2013)

Four tips to keep ACH fraud in the past. 2 ACH Fraud Prevention Steps Businesses Can Take to Minimize Fraud Risk 1 1 b b c c d d e e f f g g a a Monitor.

1 Supplement to the Guideline on Prevention of Money Laundering Hong Kong Monetary Authority 8 June 2004.

$$$$$$$ Know your Money! Financial Institutions and Services.

E B a n k i n g Information Security Guidelines ABA’s Technology Risk Management – A Strategic Approach Telephone/Webcast Briefing June 17, 2002.

Agenda Overview Updates to the Manual Sections Not Updated

Guidance for Managing Third-Party Risk Chicago Region Regulatory Conference Call December 8, 2010.

Banking and Financial Services

February 10, 2012 Michelle Hemerley Director, Compliance Consulting

Vendor Risk: Effective Management is Essential

FDIC San Francisco Region’s Regulatory Update. IntroductionsIntroductions From the San Francisco Regional Office:  Assistant Regional Director Paul Worthing.

Private, Secure, Guaranteed ACH Credits – The Next Generation of Online Payments Samantha Carrier, Director, eCommerce, NACHA.

Section 12-2-Regulatory Agencies and Laws.   These agencies make or enforce rules and regulations  Agencies provide oversight or supervision of activities.

Due Diligence - The Regulator’s Perspective ABA Telephone/Webcast Briefing August 14, 2001 Cynthia Bonnette, Assistant Director FDIC Bank Technology Group.

Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.

Compliance and Regulation for Mobile Solutions Amanda J. Smith Messick & Lauer, P.C. May 16, 2013.

OECD Guidelines on Insurer Governance

Chapter 3 Internal Controls.

Tiffany George Attorney, Division of Privacy & Identity Protection Federal Trade Commission COMPLYING WITH THE RED FLAGS RULE & ADDRESS DISCREPANCY RULE.

2015 ANNUAL TRAINING By: Denise Goff

Outsourcing Louis P. Piergeti VP, IIROC March 29, 2011.

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

Credit unions use social media in a variety of ways, including marketing, providing incentives, facilitating applications for new accounts, inviting feedback.

University of Palestine International Business And Finance Management Accounting For Financial Firms Part (3) Ibrahim Sammour.

Chapter 4 Federal Reserve System © 2003 John Wiley and Sons.

FIRMA April 26-30, 2009 Donna M. Fay Federal Reserve Bank Of Atlanta.

DO NOW: Why do we have banks?. Banking Services 7.1 How Banks Work.

NYSAIS | Webinar | May 11, 2011 Electronic Signatures and Red Flag Rules Presented by: Donald J. Mosher Partner Schulte Roth & Zabel LLP

1.7.3.G1 © Family Economics & Financial Education – Revised March 2008 – Financial Institutions Unit – Depository Institutions Funded by a grant from Take.

The views expressed in this presentation do not necessarily reflect those of the Federal Reserve Bank of New York or the Federal Reserve System Association.

DO NOW: Why do we have banks?. Banking Services 7.1 How Banks Work.

New Identity Theft Rules Rodney J. Petersen, J.D. Government Relations Officer Security Task Force Coordinator EDUCAUSE.

Technology Supervision Branch Interagency Identity Theft Red Flags Regulation Bank Compliance Association of CT Bristol, CT September 3, 2008.

McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved Chapter Fourteen Investment Banking, Insurance, and Other Sources of Fee Income.

FDIC 2010 Overdraft Payment Program Guidance Overview & Frequently-Asked Questions March 29, 2011  Director Mark Pearce, Division of Depositor and Consumer.

SMU Dedman School of Law October 8, 2007 Glenn Wheeler – Chief Executive Officer.

© 2009 EPCOR. All Rights Reserved The Risks and Rewards of Remote Deposit Services 2009 Treasury Management Conference September 10, 2009 Omaha, Nebraska.

MANAGING THIRD-PARTY RISK New York Region Regulatory Conference Call March 3, 2011.

May 14, 2014 Presented by Ken Shim. Background April CFPB issued Bulletin Federal Reserve, OCC and FDIC issued similar guidance on vendor.

Challenges and Opportunities in the Caribbean Financial Services Sector Rudolph F. Zepeda, Jr. Federal Reserve Bank of Atlanta Miami Branch.

Centrix Solutions Inc. Western States Users Group Centrix Solutions Inc. ACH Risk.

1 Activities ACTIVITY 1: Why Do You Need a Bank? ACTIVITY 2:The Many Services of a Bank ACTIVITY 3: The ABCs of a Checking Account ACTIVITY 4: Opening.

PERSONAL FINANCE PERSONAL BANKING BY MR. BROWN. TOPICS Bank Accounts Check Writing ACH Transfers vs. Wire Transfers Bank Fees FDIC Debit Cards vs. Credit.

FDIC Perspective on Environmental Risk Presented by: Gordon Stoner Legal Division Federal Deposit Insurance Corporation May 6, 2008.

THE FEDERAL RESERVE BOARD'S OVERDRAFT RULES “Outlook Live” Audio Conference Dana Miller, Attorney David Stein, Managing Counsel Division of Consumer and.

Washington State Auditor’s Office Third Party Receipting Presented to Washington Public Ports Association June 2016 Peg Bodin, CISA.

Judy Graham, Program Officer

NCUA Consumer Compliance

The CFPB’s Legal Minefield for CREDIT UNIONS

Consumer Education Chapter 7

Vendor Management & Business Value

ACAMS Greater Philadelphia Chapter Learning Event September 7, 2017

Financial Institutions and Services

17 Banking and Financial Services

Depository Institutions

Depository Institutions

17th National Forum on Prepaid Card Compliance

AAP Trainer Module I ACH Primer

Presentation transcript:

Division of Depositor and Consumer Protection Banker Teleconference Series Third-Party Compliance Risk Management Tuesday, June 5, 2012

FEDERAL DEPOSIT INSURANCE CORPORATION 2 Presenters  Luke Brown, Associate Director DCP Supervisory Policy  Victoria Pawelski, Senior Policy Analyst DCP Supervisory Policy  John Bowman, Senior Review Examiner DCP Office of CRA and Compliance Examinations  Julie Tupper, Senior Compliance Examiner DCP Dallas Regional Office

FEDERAL DEPOSIT INSURANCE CORPORATION 3 Agenda  Introduction  2008 FDIC Guidance on Managing Third- Party Risk (FIL )  Third-Party Relationships: Compliance Risk Management Examples  2012 FDIC Revised Guidance on Payment Processor Relationships (FIL )  Questions and Answers

FEDERAL DEPOSIT INSURANCE CORPORATION FDIC Guidance on Managing Third-Party Risk

FEDERAL DEPOSIT INSURANCE CORPORATION 5 Definition of Third-Party Relationship  Entity with which financial institution has entered into a business relationship  Facilitate customer access to bank services or products  Perform functions on the bank’s behalf  Bank or non-bank, affiliated or non- affiliated, regulated or non-regulated, domestic or foreign

FEDERAL DEPOSIT INSURANCE CORPORATION 6 Benefits/Risks Benefits  Strategic Objectives  Revenue  Expertise  Efficiencies  Resources  Access Risks  Legal  Regulatory  Financial Loss  Reputation  Loss of Customers

FEDERAL DEPOSIT INSURANCE CORPORATION 7 Financial Institution Responsibility  Board and management oversight tailored depending on the relationship  The institution, and its Board and management, are responsible for managing activities conducted through third parties as if the activity were conducted directly by the institution  Indemnity agreement not enough

FEDERAL DEPOSIT INSURANCE CORPORATION 8 Types of Risk  Strategic Risk  Reputation Risk  Operational Risk  Transaction Risk  Credit Risk  Liquidity Risk  Compliance Risk  Legal Risk  Other Risks

FEDERAL DEPOSIT INSURANCE CORPORATION 9 Risk Management Process  Is this a significant third-party relationship?  Process tailored depending on the risks identified, nature & significance of the relationship, scope & magnitude of the activity  Effective risk management process

FEDERAL DEPOSIT INSURANCE CORPORATION 10 Risk Management Framework  Four Key Elements  Risk Assessment  Due Diligence  Contract Structuring and Review  Oversight

FEDERAL DEPOSIT INSURANCE CORPORATION 11 Third-Party Relationships: Compliance Risk Management Examples

FEDERAL DEPOSIT INSURANCE CORPORATION 12 Compliance Risk Management Examples  Rent-A-BIN  Debt Collection  Prepaid Cards  RESPA Section 8  Identity Theft Protection Programs  Privacy

FEDERAL DEPOSIT INSURANCE CORPORATION FDIC Revised Guidance on Payment Processor Relationships

FEDERAL DEPOSIT INSURANCE CORPORATION 14 FDIC Financial Institution Letter FIL  January 31, 2012  FDIC releases Revised Guidance on Payment Processor Relationships  Replaces & updates 2008 Guidance on Payment Processor Relationships (FIL )

FEDERAL DEPOSIT INSURANCE CORPORATION 15 Definition of Third-Party Payment Processor  What is a Third-Party Payment Processor or “Processor”?  Depositor that uses its banking relationship to process payments for its merchant clients  Benefits:  Fee income  Large deposit balances  Capital injections  Concerns:  Merchant clients several entities removed  Nested or aggregator relationships  Merchant client activities

FEDERAL DEPOSIT INSURANCE CORPORATION 16 Main Risks of Processors  Credit Risks  Charge-backs from unauthorized transactions  Regulation CC warranty  Compliance Risks  Reputational Risks  Financial institution tied to merchant clients  Legal Risk  Class action lawsuits

FEDERAL DEPOSIT INSURANCE CORPORATION 17 Processor Red Flags  Targeting problem financial institutions in need of capital/earnings  Smaller financial institutions with limited resources for proper monitoring  Processors with relationships at multiple financial institutions at the same time  Consumer complaints  High Unauthorized Return Rates (URRs) or returns/charge-backs

FEDERAL DEPOSIT INSURANCE CORPORATION 18 Financial Institution Protections  Due diligence (initially & ongoing) – Know Your Customer  Policies & procedures for monitoring (URRs/Returns, complaints, etc.)  Be aware of potential Compliance Risks

FEDERAL DEPOSIT INSURANCE CORPORATION 19 Types of Payments  Types of Payments  Remotely Created Checks (RCCs)  Automated Clearinghouse Items (ACHs)  Network-related payments

FEDERAL DEPOSIT INSURANCE CORPORATION 20 Remotely Created Checks  What are RCCs?  Regular paper check that the Merchant creates  No consumer signature  Consumer provides account number & bank routing number, and merchant prints check  Merchant submits for regular check processing

FEDERAL DEPOSIT INSURANCE CORPORATION 21 Risks of RCCs  Merchant client can continue to draft checks  Depository financial institution responsible to paying financial institution under Regulation CC Section (d)  Consumer complaints regarding unauthorized withdrawals from account  High volume – difficult to monitor  High URRs and returns/charge-backs  Unregulated environment

FEDERAL DEPOSIT INSURANCE CORPORATION 22 ACH Use & Risks  How do processors use ACHs & what are the risks?  Merchant uses account number to initiate an electronic debit  Visa/MasterCard & NACHA rules  Unauthorized debits & charge-backs

FEDERAL DEPOSIT INSURANCE CORPORATION 23 Themes and Trends  No Board-approved policies/procedures  Growth beyond financial institution’s resources/abilities  Increase in fee income short-lived due to charge-backs  Underestimate potential reputation risks

FEDERAL DEPOSIT INSURANCE CORPORATION 24 Questions and Answers

FEDERAL DEPOSIT INSURANCE CORPORATION 25 Thank You The information contained in this presentation is for informational purposes only and is provided as a public service and in an effort to enhance understanding of the statutes and regulations administered by the FDIC. It expresses the views and opinions of FDIC staff and is not binding on the FDIC, its Board of Directors, or any Board member, and any representation to the contrary is expressly disclaimed.