Final Regulation R-Exceptions and Exemptions for Banks from the Definition of "Broker" FIL-92-2007, October 25, 2007 Summary: On October 3, 2007, the Board of Governors of the Federal Reserve System (Board) and the U.S. Securities and Exchange Commission (SEC) published the attached final rules that implement provisions of the Gramm-Leach-Bliley Act (GLBA) that except banks from the definition of "broker" under the Securities Exchange Act of 1934 when they conduct certain securities transactions.
The Securities and Exchange Commission (SEC) and Board of Governors of the Federal Reserve System (Board) on Monday announced the adoption of final joint rules to implement the “broker” exceptions for banks under Section 3(a)(4) of the Securities Exchange Act of 1934. These exceptions were adopted as part of the Gramm-Leach-Bliley Act of 1999 (GLB Act). The SEC and the Board approved the final rules at separate open meetings held on September 19, 2007, and September 24, 2007, respectively.
New technologies are constantly adding speed, convenience and flexibility to practically everything we do -- including how we bank and pay for goods and services. The latest FDIC Consumer News (Spring 2007), published by the Federal Deposit Insurance Corporation, features a look at some revolutionary new ways to conduct daily financial transactions using high-tech cards and cell phones, along with tips for choosing and using these services. Also in this issue: advice for adjustable-rate mortgage (ARM) borrowers that may help them avoid losing their home if they are unable to make monthly payments when the interest rate goes up, and tips for avoiding inappropriate or fraudulent investments. Speed Banking and Paying: The newsletter focuses on three new forms of technology that can make paying and banking faster and easier -- cards with a pre-loaded value, such as gift cards for purchases at stores and pre-paid debit cards for use at businesses as
Summary: The FDIC, the other federal financial institution regulatory agencies, the Securities and Exchange Commission, the Federal Trade Commission, and the Commodity Futures Trading Commission (the agencies) have jointly published the attached Notice of Proposed Rulemaking (NPR) seeking comment on a model privacy form that financial institutions could use to satisfy the privacy notice requirements of the Gramm-Leach-Bliley Act (GLBA). The proposed privacy form would also provide consumers with the opportunity to limit certain information-sharing practices, as permitted by the GLBA and the Fair Credit Reporting Act. Comments on the proposed rule are due by May 29, 2007.
The OCC, Board, FDIC, OTS, NCUA, FTC, CFTC, and SEC (the Agencies) are proposing amendments to their rules that implement the privacy provisions of the Gramm-Leach-Bliley Act (GLB Act), Title V, Subtitle A. These rules require financial institutions to provide initial and annual privacy notices to their customers. As required under Section 728 of the Financial Services Regulatory Relief Act of 2006 (Regulatory Relief Act or Act), the Agencies are proposing a safe harbor model privacy form that financial institutions may use to provide disclosures under the privacy rules.
The FDIC is notifying FDIC-supervised banks of the attached joint proposed rulemaking by the Securities and Exchange Commission (SEC) and the Board of Governors of the Federal Reserve System that would implement the statutory exceptions from the definition of "broker" contained in the Gramm-Leach-Bliley Act (GLBA). The proposed regulation was drafted in consultation with the FDIC, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision, and is designed to protect investors in a manner that does not unduly disrupt current bank business practices. Comments are due to the SEC or the Federal Reserve by March 26, 2007.
PURPOSE AND BACKGROUND This issuance is intended to notify all national banks and national bank examiners that recently the Securities and Exchange Commission (SEC) and the Board of Governors of the Federal Reserve System (Board) jointly issued proposed rules that define the extent to which securities brokerage activities of banks are subject to SEC regulation. The proposed rules, known as "Regulation R," would implement provisions of the Gramm–Leach–Bliley Act of 1999 (GLBA) that set forth certain exemptions for banks from the broker-dealer registration requirements of the Securities Exchange Act of 1934 (Exchange Act). In developing this proposal, the SEC and the Board consulted with the Office of the Comptroller of the Currency (OCC), the Federal Deposit Insurance Corporation (FDIC) and the Office of Thrift Supervision (OTS).
On March 29, 2005, the Office of the Comptroller of the Currency (OCC), Board of Governors of the Federal Reserve System (Board), Federal Deposit Insurance Corporation (FDIC), and Office of Thrift Supervision (OTS) (collectively, the Agencies) published the Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice (70 FR 15736) (Guidance). The Guidance interprets the requirements of section 501(b) of the Gramm-Leach-Bliley Act (GLBA), 15 U.S.C. 6801, and the Interagency Guidelines Establishing Information Security Standards (Security Guidelines) 1 to include the development and implementation of a response program to address unauthorized access to or use of customer information that could result in substantial harm or inconvenience to a customer.
The Federal Financial Institutions Examination Council (FFIEC) today released the revised Bank Secrecy Act/Anti-Money Laundering (BSA/AML) Examination Manual (manual). The revised manual reflects the ongoing commitment of the federal banking agencies and the Financial Crimes Enforcement Network (FinCEN) to provide current and consistent guidance on risk-based policies, procedures, and processes for banking organizations to comply with the BSA and safeguard operations from money laundering and terrorist financing. The manual has been updated to further clarify supervisory expectations and incorporate regulatory changes since the manual's 2005 release. The revisions also draw upon feedback from the banking industry and examination staff.
Why GAO Did This Study
GAO was asked to examine (1) financial institutions' use of resellers; (2) federal privacy and security laws applicable to resellers; (3) federal regulators' oversight of resellers; and (4) regulators' oversight of financial institution compliance with privacy and data security laws. To address these objectives, GAO analyzed documents and interviewed representatives from 10 information resellers, 14 financial institutions, 11 regulators, industry and consumer groups, and others.
This report presents the results of our audit of the FDIC’s implementation of the Gramm-Leach-Bliley Act of 1999 (GLBA) Title V and the Fair and Accurate Credit Transactions Act of 2003 (FACT Act). The audit objective was to determine whether the FDIC’s Division of Supervision and Consumer Protection (DSC): - provided adequate guidance to FDIC-supervised institutions and examiners for implementing the data privacy and security provisions of the GLBA Title V and the FACT Act, and - implemented the recommendations in Office of Inspector General (OIG) Audit Report No. 03-044, The Federal Deposit Insurance Corporation’s Progress in Implementing the Gramm-Leach-Bliley Act, Title V - Privacy Provisions, dated September 26, 2003.
The purpose of this bulletin is to provide banks with guidance on how to respond to incidents of Web-site spoofing. The bulletin addresses procedures banks can implement to mitigate the risks to themselves and their customers by detecting and responding to Web-site spoofing. It also identifies the types of information banks can provide to law enforcement authorities to assist in investigating illegal activities. This bulletin expands on OCC Alert 2003-11, “Customer Identity Theft: E-mail-Related Fraud Threats,” September 12, 2003.
This Small-Entity Compliance Guide is intended to help financial institutions comply with the Interagency Guidelines Establishing Information Security Standards (Security Guidelines). The guide summarizes the obligations of financial institutions to protect customer information and illustrates how certain provisions of the Security Guidelines apply to specific situations. The appendix lists resources that may be helpful in assessing risks and designing and implementing information security programs.
Although this guide was designed to help financial institutions identify and comply with the requirements of the Security Guidelines, it is not a substitute for the Security Guidelines. Moreover, this guide only addresses obligations of financial institutions under the Security Guidelines and does not address the applicability of any other federal or state laws or regulations that may pertain to policies or practices for protecting customer records and information.
Fight Back: What You Can Do about Identity Theft
If you think your identity has been stolen, here's what to do now: Contact the fraud departments of any one of the three major credit bureaus to place a fraud alert on your credit file. The fraud alert requests creditors to contact you before opening any new accounts or making any changes to your existing accounts. As soon as the credit bureau confirms your fraud alert, the other two credit bureaus will be automatically notified to place fraud alerts. Once the alert is placed, you may order a free copy of your credit report from all three major credit bureaus. The special toll-free numbers for the fraud departments are: Equifax at (800) 525-6285, Experian at (888) 397-3742 and Trans Union at (800) 680-7289. Close the accounts that you know or believe have been tampered with or opened fraudulently. Use the ID Theft Affidavit when disputing new unauthorized accounts.
File a police report. Get a copy of the report to submit to your creditors and others that may require proof of the crime.
The FDIC is issuing the attached guidance to financial institutions recommending an effective spyware prevention and detection program based on an institution’s risk profile. This guidance and the attached informational supplement discuss the risks associated with spyware from both a bank and consumer perspective and provide recommendations to mitigate these risks.
This advisory letter informs national banks about two areas of consumer bank fraud—identity theft and pretext calling—and advises them about measures to prevent and detect these types of fraud. The Gramm–Leach–Bliley Act (GLBA), enacted in 1999, directs the federal banking agencies (the Agencies) to ensure that banks have policies, procedures, and controls in place to prevent the unauthorized disclosure of customer financial information and to deter and detect fraudulent access to such information.1 The Agencies recently adopted guidelines for the safeguarding of customer information by financial institutions.2 The advisory letter supplements those guidelines by focusing on the protection of customer information specifically against identity theft and pretext calling. Identity theft is the fraudulent use of an individual’s personal identifying information. Often, identity thieves will use another individual’s personal information such as a social security number, mother’s maiden name, date of birth, or account number to fraudulently open new credit card accounts, charge existing credit card accounts, write checks, open bank accounts or obtain new loans.
These examination procedures are derived from the interagency Guidelines Establishing Standards for Safeguarding Customer Information, as mandated by Section 501(b) of the Gramm-Leach-Bliley Act of 1999. The guidelines address standards for developing and implementing administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information.
The guidelines require each institution to implement a comprehensive written information security program that includes administrative, technical, and physical safeguards appropriate to the size and complexity of the institution and the nature and scope of its activities. While all parts of the institution are not required to implement a uniform set of policies, all elements of the information security program must be coordinated.
The Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision jointly requested comment today on a proposed rule establishing standards for safeguarding confidential customer information. The proposed rule would implement section 501 (b) of the Gramm-Leach-Bliley Act (GLBA).
The law requires the agencies to establish standards for financial institutions relating to administrative, technical and physical safeguards for customer records and information. These safeguards are intended to ensure the security and confidentiality of customer records and information, protect against any anticipated threats or hazards to the security or integrity of these records and protect against unauthorized access to or use of these records or information that would result in substantial harm or inconvenience to a customer.
The federal bank and thrift regulatory agencies have sent to the Federal Register joint guidelines for safeguarding confidential customer information. The guidelines implement section 501(b) of the Gramm-Leach-Bliley Act (GLBA), and will be effective on July 1, 2001.
The GLBA requires the agencies to establish standards for financial institutions relating to administrative, technical and physical safeguards for customer records and information. These safeguards are to ensure the security and confidentiality of customer records and information, protect against any anticipated threats or hazards to the security or integrity of these records, and protect against unauthorized access to or use of these records or information that would result in substantial harm or inconvenience to a customer.
The purpose of this bulletin is to alert you to the joint-agency issuance of the attached final "Guidelines Establishing Standards for Safeguarding Customer Information" and to highlight provisions of these guidelines. The guidelines are mandated by Section 501 of the Gramm-Leach-Bliley Act of 1999 (GLBA), and are effective July 1, 2001. The guidelines affect all national banks, federal branches and federal agencies of foreign banks, and any subsidiaries of such entities (except brokers, dealers, persons providing insurance, investment companies, and investment advisors).1 The guidelines describe the Office of the Comptroller of the Currency's (OCC's) expectations for the creation, implementation, and maintenance of a comprehensive information security program. BACKGROUND Section 501 of the GLBA requires the OCC and other federal banking agencies to establish appropriate standards for the administrative, technical, and physical safeguards for customers' "nonpublic personal information." The OCC has done so by issuing guidelines that require each national bank to establish an information security program.
A bank's information security program must be designed to ensure the security and confidentiality of customer information, protect against any anticipated threats or hazards to the security or integrity of such information, and protect against unauthorized access to or use of such information that would result in substantial harm or inconvenience to any customer.
In 2001, NCUA amended 12 CFR Part 748 to fulfill a requirement in Section 501 of the Gramm-Leach-Bliley Act (Pub. L. No. 106-102) (GLBA), in which Congress directed both NCUA and the other Federal Financial Institution Examination Council (FFIEC) agencies, including the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision (collectively, the “Banking Agencies”) to establish standards for financial institutions relating to administrative, technical, and physical safeguards to: (1) insure the security and confidentiality of customer records and information; (2) protect against any anticipated threats or hazards to the security or integrity of such records; and (3) protect against unauthorized access to or use of such records or information that could result in substantial harm or inconvenience to any customer. Although NCUA worked with the Banking Agencies to develop the standards described above, the Banking Agencies issued their standards as guidelines under the authority of Section 39 of the Federal Deposit Insurance Act.
Since Section 39 of the Federal Deposit Insurance Act does not apply to NCUA, the NCUA Board determined that it could best meet the congressional directive to prescribe standards through an amendment to its existing regulation governing security programs for federally insured credit unions and by providing guidance to credit unions, substantially identical to the guidelines issued by the Banking Agencies, in an appendix to the regulation. 12 CFR Part 748, Appendix A; 66 FR 8152 (January 30, 2001). The preamble to the final rule discusses the different regulatory framework under which the Banking Agencies issued their guidelines. The final regulation requires each federally insured credit union to establish and maintain a security program implementing the safeguards required by GLBA.
FACILITATING AFFILIATION AMONG BANKS, SECURITIES FIRMS, AND INSURANCE COMPANIES
Summary: The FDIC is providing guidance to financial institutions on the security risks • VoIP is susceptible to the same security risks as data networks if security policies and configurations are inadequate.
Summary: The Federal Deposit Insurance Corporation encourages banks to assist those impacted by Hurricane Katrina by honoring handwritten, typewritten, and laser checks issued by certain Social Security Administration Offices.
In 2001, NCUA amended 12 CFR Part 748 to fulfill a requirement in Section 501 of the Gramm-Leach-Bliley Act (Pub. L. No. 106-102) (GLBA), in which Congress directed both NCUA and the other Federal Financial Institution Examination Council (FFIEC) agencies, including the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision (collectively, the “Banking Agencies”) to establish standards for financial institutions relating to administrative, technical, and physical safeguards to...
On January 17, 2001, the banking regulatory agencies adopted guidelines implementing Section 501 of the Gramm-Leach-Bliley Act (GLBA). The guidelines require financial institutions to establish a comprehensive and coordinated information security program, appropriate to the size of the bank and the complexity of its operations.
The FDIC is providing the attached guidance to financial institutions to remind them of the importance of an effective internal corporate code of conduct or written ethics policy.