FFIEC Authentication Guidance Examination in 2012: Are You Prepared? Areas of Continuity, Change, and Emphasis


In This Presentation:


- Critical differences in the 2011 Supplement as compared to the 2005 Guidance

- Other useful sources of regulatory guidance on authentication

- Concluding thoughts on areas of examination emphasis

Why the need for the Supplement?

-Supplement reiterates the need to perform periodic risk assessments and adjust customer authentication controls as appropriate in response to new threats

- However, certain aspects of the 2005 Guidance have become less effective or require enhancement due to significant changes in the threat landscape:

- More sophisticated, effective and malicious methods to compromise authentication mechanisms and gain access to online accounts

- Criminal groups specializing in financial fraud

- Fraud tools are easily obtainable on Internet

- Malware installed on computers monitor user activity, facilitate theft and misuse of login credentials

- Cybercrime complaints significantly up since 2005, in particular with respect to commercial accounts.

Please see full presentation below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Published In: Administrative Agency Updates, Finance & Banking Updates, Privacy Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Davis Wright Tremaine LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »