Celebrating Abraham Lincoln's Banking Legacy: A Podcast
In honor of Abraham Lincoln's birthday and President's Day, enjoy this podcast from ABA Banking Journal celebrating Lincoln's banking impact...
Training Risk Management Heroes, Part 1: Banking on the Frontline
Frontline staff at FIs are trained to protect both the institution and its customers by identifying fishy transactions, but staff are capable of going
5 Reasons to Love Your HMDA Data & Analysis!
In the spirit of Valentine's Day, ere are five real reasons to love your HMDA data in 2019, and how you can analyze it for success! Don't miss out.
The Bad Guys Keep Getting Smarter. Let’s Hope Financial Institutions and Vendors Can Keep Pace.
Cyber criminals are growing increasingly clever.Just consider what happened to Tampa Bay Credit Union recently...
How to Tell if a Loan Qualifies as a CRA Small Business Loan
In this blog post, you'll learn the definition of a CRA small business loan, what is reportable, and how to figure out if your loans qualify. You'll also..
Fintech Update: Agencies Encourage Increased Regulator Oversight of Third Parties, but Will Anything Happen?
Increased risk exposure from third-party providers poses threats to the entire financial system, and banking regulatory agencies should have the ability
-1.png)
Third-Party Management of Cloud Computing
While 'the cloud' may seem mysterious to the layperson, there shouldn’t be anything secretive about your third-party vendors’ cloud use. If your vendor
-1.png)
2019 Risk Outlook: Concentration Risk
Concentration risk is most commonly associated with lending. Looking ahead, the New York Fed is warning of a different kind of concentration risk
Is Apple Pay a Vendor?
Apple Pay is not a direct vendor. This raises an interesting question. Should financial institutions (FI) using Apple Pay have to review Apple as a vendor?
NCUA Eyes Economic Environment, Change Management & Third-Party Risk With 2019 Supervisory Priorities
The NCUA has made adjustments to its Supervisory Priorities for 2019 - emphasizing controlling risks, including a new focus on third-party risk management.
The Top 8 Internal Cybersecurity Vulnerabilities Challenging Financial Institutions
Internal vulnerabilities are the aspects of cybersecurity that your institution has direct control over. The eight most significant internal vulnerabilitie
Fast Facts: Ncontracts' Compliance Solutions vs. The Others
What does TRUPOINT do differently than other banking compliance software providers? Here are five fast facts that really make the difference.
How the Government Shutdown is Affecting Regulatory Agencies
The partial government shutdown has furloughed workers at the national parks, the Smithsonian museums, the IRS, courts, and other federal institutions, but
Your Vendor Talks Risk Management Talk, but Does It Walk the Walk?
The words “manage, mitigate, and reduce risk” from a third-party vendor are music to the ears of a risk manager. Unfortunately, talk is cheap—and legal
11+ Banking Compliance Resources You'll Need in 2019
Here are 11 valuable compliance resources you'll want to bookmark and you prepare for compliance success. As the days and months pass, we will be...
5 Key Trends That Will Influence Your Compliance in 2019
Here are five factors that are likely to have a major impact on your bank, credit union, or mortgage company's compliance program...
Inside the Life of an Information Security Officer
What’s it like to be the information security officer at a $1.5 billion-asset community bank? We chatted with one to learn more about the challenges ISO
Turf Battles and Low Morale Can Increase Risk. Just ask FinCEN.
FinCEN’s issues are just a small part of the fascinating story about how Russia tried to use backdoor channels to infiltrate Treasury. It’s also a story
A Compliance Officer's "Night Before Christmas"
We hope that this compliance-themed version of the famous holiday poem brings you joy and good cheer this season!
Holiday Gift to Bankers: Regulators Slap Down Fintech Bank Wannabe
The Robin Hood of legend is known for being above the law. Fintech firm Robinhood is learning that it is not.
64% of Compliance Pros Don't Have Enough Time to Manage Requirements [Industry Report]
According to this 2018 Compliance Pulse industry report, more than 60 percent of compliance pros don't have enough time...
Yule Shoot Your Eye Out: Classic Holiday Movie Characters That Underestimated Risk
These classic films let us enjoy a bit of nostalgia and give us a break from the holiday rush, but do they have anything to teach us about risk? I’d say ye
Business Continuity
Business continuity means planning for major disruptions in a company so that the company can continue operations.
-1.png)
What Asset-Based Risk Assessments Get Wrong
Wouldn’t it be nice to reduce risk management to a simple checklist? That’s the thinking behind asset-based risk management - but this idea has more flash
-3.png)
RPO - Recovery Point Objective
RPO is otherwise known as Recovery Point Objective and refers to the age of files that must be recovered from backup storage for normal operations to
$11.8M UDAAP Compliance Settlement Highlights Regulatory Priorities
Do you know your UDAAP compliance risk? For all types of financial service providers, UDAAP risk management remains a focal point...
Findings on Findings on Findings: Guess Whose Audit Uncovered Over 2,000 Findings?
If you think tracking findings is challenging, try being the Pentagon. The Department of Defense underwent its first-ever full financial audit - the resuls
Examiners Will Be Focusing on Your Institution’s Riskiest Areas. Do You Know What They Are?
In the FFIEC Press Release, dated 11/27/2018, the FFIEC provided a more formal idea of what a “risk-based exam” looks like and the factors that will help
You Got SOC Questions? We Got SOC Answers!
Did you ask a question during our live broadcast of How to Leverage SOC and SSAE 18 Reports Throughout Every Department of Your Financial Institution?
The Lessons from Marriott’s Epic Data Breach
By now you’ve probably heard about the Marriott breach. According to the hotel company, an internal security tool alerted it to an unauthorized attempt to