New Daylight Savings Time Begins March 11, Institutions Need To Check Systems

New Daylight Savings Time Begins March 11, Institutions Need To Check Systems
The Office of the Comptroller of Currency (OCC) issued a bulletin on February 21 about the changes in Daylight Savings Time. All financial institutions should be aware that Daylight Savings Time begins earlier and ends later this year. The OCC bulletin reminds institutions and their technology service providers of the upcoming change in the schedule for Daylight Savings Time. Institutions may be exposed to a variety of risks if they do not prepare their systems to reflect this change. The Credit Union National Association (CUNA) also noted DST change to its membership earlier in February.

Daylight Savings Time (DST) in the United States will begin earlier and end later in 2007. The Energy Policy Act of 2005, signed into law August 2005, moves the beginning of DST from the first Sunday in April to the second Sunday in March (March 11). DST will now end the first Sunday in November (November 4) instead of the last Sunday in October.

The OCC bulletin noted institutions should include this change in their risk management considerations. The bulletin noted, “The impact of the change in DST may not cause systems failures, but without remediation and preparation, banks could experience logging errors, monitoring difficulties, degraded system performance, or disruptions of some services. In addition, malfunctioning systems could result in compliance errors (e.g., incorrect ATM disclosures) and securities issues (e.g., malfunctioning security systems).”

It continued, “Bank management should understand the potential impact of the DST change on its hardware and software and plan for appropriate changes. Servers, mainframes, other important systems, and essential computer clock-dependent processes should be set to synchronize with the new time change. Management should review both date and time stamp processes and the many time-sensitive routines essential to information systems.”

The OCC also recommended major operating system vendors should have suitable patches available for the most current releases of their systems. Vendors of other systems and applications may also have patches available. “If, however, no patch is currently available, bank management should confirm that its vendors will provide a suitable patch. Internally developed or customized systems may require custom patches or other special attention. Whether suitable patches are available or not, bank management should develop and implement strategies to appropriately mitigate risks associated with this time change.”

Other systems may be affected as well; for example, those controlling heating, air conditioning, lights, alarms, telephone systems, and the opening of cash vault doors. If third parties provide time-sensitive services, management should ensure that the servicers are planning to make appropriate changes, the OCC bulletin noted.

The OCC recommended management should consider the following actions to ensure readiness for the new start of DST:

• Review and verify modifications necessary for all important systems and essential processes, including servers, applications, and utility systems.

• Ensure that critical systems will synchronize and function properly by testing or other means.

• Determine which systems are connected to the USNO Master (Atomic) Clock through a network time protocol (NTP or NTPD) and whether they will synchronize with the master clock at the appropriate moment.

• Contact third-party service providers to ensure that the bank is protected.

• Determine whether the bank has systems that require a manual procedure to be performed and whether a follow-up plan is needed.

• Ensure that systems adjustments will not be duplicated when the historic change date occurs.

• Ensure that all employees throughout the bank are alerted to this change.

According to the CUNA article, older versions of Microsoft operating systems will not make the change to the new time automatically. Microsoft has instructions on how to manually update home and office operating systems on its website.


About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.