Records Retention: How to Meet the Regulatory Requirements and Manage Risk with Vendors
In the face of regulatory requirements and emerging security threats, banking institutions must consider the policies and procedures necessary for proper retention of audit reports, papers and logs.
Register for this webinar for an overview of the contractual, legal and regulatory compliance requirements for retention of audits, logs and third-party created documentation and reports. Among the key points covered:
- What you need to know about regulatory requirements for record retention;
- How to identify the records retention risks for financial institutions and third-party service providers;
- How to mitigate those risks.
Given the legal and regulatory requirements related to record retention policies -- particularly considering such scandals as Enron and WorldCom in the United States -- the importance of records retention is in the limelight.
As outsourcing is now commonplace for financial institutions, it's key to consider: When you entrust business partners with your company's confidential data, you place all control of security measures completely into their hands. But:
- Do you know what they are doing with the logs generated as a result of the activities you outsourced to them?
- Do you know what they are doing with the reports that relate to your business?
- Do you know their records retention practices?
As an effect of many recent laws and regulations, it is also common to have third parties perform audits, risk assessments or vulnerability assessments. What happens to these reports following the audit or assessment? How long is it reasonable for the third party to retain your report? What do regulations require with regard to retention?
In this exclusive webinar, noted privacy expert Rebecca Herold will lead a discussion of what financial institutions should know about the requirements for retaining data, logs and audit reports, as well as the related risks involved with entrusting third parties to retain records for the activities that have been outsourced to them.
Among the points Rebecca will discuss:
- Retention responsibilities for financial institutions;
- Types of data and reports for which financial institutions and vendors have retention responsibilities;
- Risks involved with data retention within financial institutions and with their business partners;
- Ways to mitigate those risks.
You might also be interested in …