FFIEC Online Banking Security Readiness Study
This research study, conducted by Guardian Analytics, was designed to evaluate how financial institutions have responded to the FFIEC guidance supplement issued in June 2011. The results, reflecting the input from more than 300 financial institution executives, show that banks and credit unions have initially responded quickly to the agencies' updated expectations, but still have significant work to do in preparation for their 2012 exams.
- There IS action. Overwhelmingly, banks and credit unions are in full gear to respond to the FFIEC's elevated expectations, although the nature of their activity ranges from forming exploratory committees to deploying new technology solutions.
- Risk assessments are in full swing. Over half of institutions surveyed have already completed a risk assessment within the past 6 months and a large majority plan on conducting assessments on a monthly to quarterly basis.
- New anomaly detection technologies are being implemented. A majority of respondents indicate that they intend to implement new anomaly detection technology within 6 months.
- Closer study of the guidance is warranted. Despite the positive overall steps that institutions are taking, there is noticeable disconnect between what they're doing and the agencies' minimum expectations.