Regulators Issue Guidance on Remote Deposit Capture

Federal banking regulators have just released new risk management guidance on remote deposit capture. This FFIEC guidance is to be used by examiners, financial institutions and technology service providers to identify risks, evaluate controls and assess risk management practices related to remote deposit capture (RDC) systems. Many of the larger banking institutions already have RDC as part of their operations.

RDC is a service that allows a customer (either a business or individual) to scan checks and transmit the scanned images or ACH-data to a financial institutions for posting and clearing. The Check 21 legislation passed a few years ago allows institutions to clear checks based upon images of the originals instead of having to send paper checks to the paying institution for clearing. Institutions also use RDC in their branches and automated teller machines (ATMs) to facilitate deposit processing.

RDC is an important technological development for institutions that, when properly managed, can cut processing costs and speed the availability of customers' funds. But RDC also introduces new risks and increased existing risk in processing deposits.

The guidance, Risk Management of Remote Deposit Capture, includes essential elements of RDC risk management: identifying, assessing and mitigating risk, as well as measuring and monitoring residual risk exposure.

The guidance talks to the responsibilities of senior managers in overseeing the development, implementation, and operation of RDC at their financial institutions. Regulators say the Interagency RDC examination procedures are expected in an updated version of FFIEC's Retail Payment Systems booklet that will come out in early 2009.

About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.