For financial institutions subject to FDICIA, the Federal Deposit Insurance Corporation Improvement Act, the annual management attestation is a critical declaration of compliance. It signifies that the institution’s internal controls over financial reporting (ICFR) are effective. One key control to validate is how user access reviews are performed.
When I first entered the banking world, user access reviews were much more straightforward. Spreadsheets were used to capture the basics of who had network and core application access. There was a page in each employee’s file listing the keys and codes they had, and...
Are you confident that your bank has clear and thorough visibility to every employee’s physical and digital access to systems? If you’re like most banks we work with, the answer to this question is “no”. There are many challenges that make tracking employee access...
In the world of community banking, the landscape of information security and cyber risk management has dramatically evolved. Gone are the days when all servers were in-house, and every application installation involved the IT department. Today, it’s easier than ever for a Compliance Officer to sign off on a new software tool to manage Reg DD challenges or for a Loan Officer to adopt a cloud solution to improve customer acceptance rates.
For over a year now, every Tuesday, the Finosec team has been holding a meeting to discuss how we are leveraging AI personally, at work, and in our platform. These weekly meetings have consistently focused on sharing the impact of AI for each of us personally and the...
The integration of artificial intelligence (AI) in the financial services sector presents both transformative opportunities and significant challenges. As financial institutions increasingly evaluate AI technologies, it is crucial to ensure these innovations comply...
Recently, I had the privilege of speaking to a group of bankers at the ICBA Live conference. When I asked who was using AI, only a few hands went up. Then I asked how many had policies forbidding AI usage, and several more hands were raised. This brought us to an interesting realization: those banks were inadvertently in violation of their own policies. AI isn’t new—it’s been enhancing our industry for years, especially in cybersecurity and fraud detection.
For those of you who don’t know me or my family well, we are a Disney family. For those of you who just rolled your eyes, bear with me, this article isn’t just about Disney. It’s about a lightbulb moment I had while riding Epcot’s Spaceship Earth, which illustrates the journey of human progress from the dawn of time.
The area shows before the printing press how communication was handled; handwritten copies and one-to-one conversations. Then you see society’s leap from the written word to the digital age and computers. Just as the ride highlighted the milestone and impact of Gutenberg’s printing press, I found myself contemplating AI’s place in our future and the striking realization that the two journeys are more similar than they are different.
In the evolving state of cybersecurity, financial institutions grapple with the challenge of safeguarding their digital and financial assets against cyber threats. Cyber insurance has emerged as a critical component of risk management strategies. However, the complexities surrounding these policies, particularly regarding coverage in the event of a breach, can leave many organizations vulnerable.
The Federal Financial Institutions Examination Council (FFIEC) Authentication Guidance update in August 2021 has marked a significant step towards enhancing authentication and security access measures within financial institutions. This update expanded upon previous handbooks from 2005 and 2011, emphasizing a broader scope that now includes employees, third-party vendors, and system-to-system communications via APIs.
Beth Sumner, our VP of Customer Success, recently had the opportunity to discuss ransomware attacks and the importance of community bankers staying vigilant against these crimes in Independent Banker. While the number of ransomware attacks continues to increase, so do the sums demanded by the attackers.
