Product Updates for April 2019
The Product Updates for April 2019 from BankPolicies.com feature the following revised policy template products:
The update to this product is in response to the OCC’s Bulletin 2019-15 entitled “Statement on Confidentiality” dated 03/26/19 that reminds financial institutions that they are prohibited by regulation from disclosing nonpublic OCC information, including their CAMELS rating, without prior approval of the OCC, except in very limited circumstances. Any unauthorized disclosure or use of nonpublic OCC information without the express permission of the OCC may be subject to criminal penalties under federal law. This bulletin describes the requirements and the OCC’s expectations related to the disclosure of nonpublic OCC information and includes a listing of alternative sources of publicly available bank information.
The update to these products is in response to the FCC’s publication in the Federal Register entitled “Rules and Regulations Implementing the Telephone Consumer Protection Act of 1991: Regarding the Commission’s Opt-Out Notice Requirement for Faxes Sent With the Recipient’s Prior Express Permission” dated 03/20/19 that amends its rules by eliminating the rule that requires an opt-out notice on fax advertisements sent with the recipient’s prior express permission or consent. This rule was declared unlawful by the United States Court of Appeals for the D.C. Circuit and therefore its elimination is warranted to ensure uniform and consistent application of the rules.
The update to this product is in response to the NIST Special Publication 800-177 Rev. 1 entitled “Trustworthy Email” dated February 2019 which describes guidelines for enhancing trust in email and recommendations for the support of core SMTP and Domain Name Systems (DNS) through the use of authentication mechanisms. The document includes newly specified email protocol additions, such as Mail Transfer Agent Strict Transport Security (MTA-STS) and Transport Layer Security (TLS) Reporting, as well as an email system FISMA overly developed to aid systems administrators in deploying email services that address relevant FISMA controls. It is intended to be a guide for enterprise email administrators, information security specialists, and network managers.
As a courtesy we revised these products to eliminate any regulatory guidance that was in effect prior to the new “Rules Concerning Prepaid Accounts Under the Electronic Fund Transfer Act (Regulation E) and the Truth in Lending Act (Regulation Z)” dated 01/25/18 that went into effect on 04/01/19.