Product Updates October 2016 is providing you with these product updates as a courtesy to all of our clients. If you have any questions, please contact us.

Revised Policy Templates

The update to these products is in response to FFIEC’s Press Release entitled “Federal Regulators Release Revised Information Systems Security Booklet” dated 09/09/16 that announced a revised Information Security booklet, which is part of the FFIEC Information Technology Examination Handbook (IT Handbook).  The revised booklet addresses the factors necessary to assess the level of security risks to a financial institution’s information systems.  In addition, the booklet helps examiners evaluate the adequacy of the information security program’s integration into overall risk management.

The update to these products is in response to FinCEN’s Advisory FIN-2016-A003 entitled “Advisory to Financial Institutions on E-Mail Compromise Fraud Schemes” dated 09/06/16 to help financial institutions guard against a growing number of e-mail fraud schemes in which criminals misappropriate funds by deceiving financial institutions and their customers into conducting wire transfers.  In addition, this advisory provides red flags (developed in consultation with the Federal Bureau of Investigation and the U.S. Secret Service) that financial institutions may use to identify and prevent such e-mail fraud schemes.

As a reminder, the completed contents of the Identity Theft Program Policy Template are included within the Fair Credit Reporting Act Policy Template as topic 10.