Vendor Management Resource Center
Introduction
Strong third-party oversight begins before a contract is signed and continues through the entire life cycle of the relationship. Buckley provides a full range of vendor management expertise, bringing to bear our extensive experience advising on issues involving loan servicing, affiliate marketing, add-on products and services, consumer protection, cloud computing, foreign-based service providers, data security, business process outsourcing, records management and retention, and all aspects of privacy law.
Thought Leadership & Analysis
Treasury reports on risks to financial firms adopting cloud services
On February 8, the U.S. Treasury Department launched the interagency Cloud Services Steering Committee in an effort to improve regulatory and private sector cooperation and develop best practices for cloud-adoption frameworks and contracts. As part of the announcement, Treasury released a first-of-...
InfoBytesOCC orders bank to improve oversight of fintech partnerships
Recently, a national bank disclosed an agreement reached with the OCC that requires the bank to improve its oversight and management of third-party fintech partnerships. According to an SEC filing, the OCC found unsafe or unsound practices related to the bank’s third-party risk management, Bank...
InfoBytesFTC settles with mortgage analytics company
On December 22, the FTC announced the final approval of a settlement with a mortgage industry data analytics firm (defendant) for allegedly failing to develop, implement, and maintain a comprehensive information security program and ensure third-party vendors are capable of implementing and...
InfoBytesOCC warns of key cybersecurity and climate-related banking risks
On December 6, the OCC reported in its Semiannual Risk Perspective for Fall 2021 the key issues facing national banks and federal savings associations and the effects of Covid-19 on the federal banking industry. The agency reported that although banks showed resilience in the current environment...
InfoBytesFINRA reminds firms of third-party supervisory obligations
On August 13, the Financial Industry Regulatory Authority (FINRA) reminded member firms of their supervisory obligations related to outsourcing to third-party vendors. Regulatory Notice 21-29 reiterates that supervisory obligations under FINRA Rule 3110 extend to member firms’ outsourcing of...
InfoBytesNYDFS tells industry to tighten third-party risk management
On April 27, NYDFS released a report warning the financial services industry to tighten third-party risk management measures, as the “next great financial crisis could come from a cyber-attack.” The report covers a December 2020 cyber-attack described as “part of a widespread, sophisticated cyber...
InfoBytesFTC settles with mortgage analytics company over vendor oversight deficiencies
On December 15, the FTC announced a settlement with a Texas-based data mortgage analytics company (defendant), resolving allegations that the defendant violated the Gramm-Leach Bliley Act’s Safeguards Rule (Safeguards Rule) and the FTC Act by failing to ensure a third-party vendor hired to perform...
InfoBytesHUD issues mortgagee letter extending interim procedures relating to FHA Section 232 approved mortgages
On July 31, 2020, the U.S. Department of Housing and Urban Development issued Mortgagee Letter 2020-25 , which extends interim procedures regarding site access issues related to Section 232 mortgage insurance applications during the Covid-19 pandemic (previously covered here ). The guidance...
InfoBytesMaryland secretary of state provides updated guidance on remote notarizations
On July 31, the Maryland’s secretary of state provided updated guidance regarding the waived in-person notarization requirement as part of the state’s Covid-19 response (see here for previous coverage). The guidance provides requirements for performing remote notarizations, lists remote notary...
InfoBytesFDIC seeks input on voluntary certification of innovative technologies
On July 20, the FDIC issued a Request for Information (RFI) seeking input on whether a public/private standard-setting partnership and voluntary certification program could be established to (i) promote the efficient and effective adoption of innovative technologies at supervised financial...
InfoBytesOCC highlights key risks for federal banking system, says compliance risk elevated due to Covid-19
On June 29, the OCC released its Semiannual Risk Perspective for Spring 2020 , which reports on key risk areas that pose a threat to the safety and soundness of national banks and federal savings associations. In particular, the OCC focused this report on the financial impacts of the Covid-19...
InfoBytesBoston Fed updates Main Street Lending Program FAQs
On June 20, the Federal Reserve Bank of Boston updated FAQs for its Main Street Lending Program (see here , here and here for previous coverage). Among other things, new FAQs address the treatment of applicant debt to third party lenders for purposes of calculating outstanding and undrawn debt,...
InfoBytesARRC issues LIBOR transition “best practices”
On May 27, the Alternative Reference Rates Committee (ARRC)—a group of private-market participants convened by the Federal Reserve Board and the Federal Reserve Bank of New York— released a set of best practices for market participants to transition from LIBOR to the Secured Overnight Financing...
InfoBytesOCC updates FAQs on third-party risk management
On March 5, the OCC released Bulletin 2020-10 , which provides answers to frequently asked questions (FAQs) concerning its existing guidance on management of third-party relationships, including relationships with fintech firms and data aggregators. This bulletin, issued to supplement Bulletin 2013...
InfoBytesFed governor discusses modernizing payment systems for community banks
On February 27, Federal Reserve (Fed) Governor Michelle W. Bowman spoke before the Banking Outlook Conference held at the Federal Reserve Bank of Atlanta on ways the Fed can increase transparency and modernize payment services for community banks. Bowman stated that the Fed is “uniquely positioned...
InfoBytesFed governor identifies community banks' fintech challenges
On February 10, Federal Reserve (Fed) Governor Michelle W. Bowman spoke before the Conference for Community Bankers on the interaction between innovation and regulation for community banks. In discussing her “vision for creating pathways to responsible community bank innovation,” Bowman identified...
InfoBytes3rd Circuit: Each premium payment could violate RESPA’s prohibition on kickbacks
On June 19, the U.S. Court of Appeals for the 3rd Circuit affirmed the dismissal of a RESPA class action against a national bank, concluding the suit was not timely filed. According to the opinion, two consumers took out mortgages with the bank in 2005 and 2006. In 2011, the consumers were part of...
InfoBytesColorado Court of Appeals reverses law firm penalty for affiliated vendor relationships
On April 4, the Colorado Court of Appeals reversed the trial court’s ruling assessing civil penalties against a foreclosure law firm for allegedly failing to disclose that its principals had an ownership interest in one of its vendors. The appeals court found that the civil penalty was not...
InfoBytesFDIC issues guidance on gaps in technology service provider contracts
On April 2, the FDIC issued Financial Institution Letter FIL-19-2019 (Technology Service Provider Contracts), which describes examiner observations about gaps in financial institutions’ contracts with technology service providers (TSPs) that may require financial institutions to take additional...
InfoBytesFinal deadline approaching for NYDFS cybersecurity regulation
On January 31, NYDFS issued a reminder for regulated entities that the final deadline for implementing NYDFS’s cybersecurity regulation ends March 1. Under the new regulation, banks, insurance companies, mortgage companies, money transmitters, licensed lenders and other financial services...
InfoBytesFTC approves final expanded settlement with global ride-sharing company over data breaches
On October 26, the FTC announced its final approval of an expanded settlement with a global ride-sharing company over allegations that the company violated the FTC Act by deceiving consumers regarding the company’s privacy and data practices. Specifically, the company allegedly failed to closely...
InfoBytesFHFA issues guidance for third-party provider relationships
On September 28, FHFA released Advisory Bulletin AB 2018-08 , which provides guidance to Fannie Mae and Freddie Mac, the Federal Home Loan Banks, and the Office of Finance (regulated entities) on the evaluation and management of risks associated with third-party provider relationships. (FHFA...
InfoBytesOCC highlights supervisory priorities in fall 2017 semiannual risk report
On January 18, the OCC announced the release of its Semiannual Risk Perspective for Fall 2017 , identifying key risk areas for national banks and federal savings associations. Top supervisory priorities will focus on credit, operational, and compliance risk. As previously discussed in the spring...
InfoBytesVA Clarifies Third-Party Verification Requirements
On December 29, the Department of Veterans Affairs (VA) issued Circular 26-17-43 to clarify its policy that lenders may use third-party vendors to verify borrower income, employment, and asset information subject to the following caveats: (i) lenders must retain full responsibility for verifying...
InfoBytesOCC Issues Updates to Risk Management Principles
On October 20, the OCC released modifications to its risk management principles for new, modified, or expanded financial products and services (collectively, new activities). Bulletin 2017-43 rescinds OCC Bulletin 2004-20 and section 760 of the Office of Thrift Supervision Examination Handbook ...
InfoBytesTrade Groups Lobby for Exemption of Small Independent Mortgage Lenders from CFPB Examinations
On September 18, the Community Home Lenders Association and the Community Mortgage Lenders of America sent a joint letter to Treasury Secretary Mnuchin urging relief for smaller independent mortgage bankers from CFPB supervision, enforcement, and vender management audits. Specifically, the trade...
InfoBytesCFPB Releases Updated Compliance Management Procedures in Supervision and Examination Manual
On August 30, the CFPB posted revisions to its Compliance Management Review Examination Procedures —part of its Supervision and Examination Manual —that is intended to provide guidance for institutions when developing and maintaining compliance management systems (CMS). The Bureau advises that to...
InfoBytesBasel Committee on Banking Supervision Issues Consultative Document on Implications of Fintech for the Banking Industry
As waves of innovative financial technology (fintech) continue to reshape the financial services landscape, banking institutions and their supervisors have invested significant effort in analyzing its impact and developing an appropriate response. On August 31, the Basel Committee on Banking...
InfoBytesSEC Releases Risk Alert, IMF Issues White Paper on Cybersecurity Awareness
On August 7, the SEC’s Office of Compliance Inspections and Examinations issued a risk alert entitled “Observations from Cybersecurity Examinations,” which provides findings and observations concerning industry practices and legal and compliance issues related to cybersecurity preparedness. The SEC...
InfoBytesFTC Approves Modifications to COPPA Safe Harbor Program
On July 31, the FTC announced it has approved TRUSTe’s proposed modifications to its Children’s Online Privacy Protection Rule's (COPPA) safe harbor program. As previously covered in InfoBytes , COPPA regulates what websites and online services are required to do to ensure the protection of...
InfoBytesFDIC Updates Supervisory Guidance on Risk Management Examination Policies
On July 26, the FDIC issued Financial Institution Letter FIL-31-2017 to announce updates to its Risk Management Manual of Examination Policies. The revisions, which incorporated guidance from the FDIC’s Board of Directors, updated the Report of Examination Instructions regarding matters requiring...
InfoBytesOCC Releases Spring 2017 Semiannual Risk Report
On July 7, the Office of the Comptroller of the Currency (OCC) announced the release of its Semiannual Risk Perspective for Spring 2017 indicating key risk areas for national banks and federal savings associations. Acting Comptroller of the Currency Keith Noreika pointed out in his remarks that, “[...
InfoBytesJeffrey P. Naimon authored a Mortgage Compliance Magazine article, "Divide & Conquer"
The Consumer Financial Protection Bureau (CFPB or Bureau) continues to expand its gaze, announcing this past April that it has begun implementation of a program to directly supervise service providers of financial institutions, particularly those that cater to the mortgage industry. As regulatory...
ArticlesOCC to Host Operational Risk Workshop, Will Hold Innovation "Office Hours"
On July 25, the OCC will host an operational risk workshop in Charleston, WV for directors of national community banks and federal savings associations supervised by the OCC. The workshop will focus on the key components of operational risk, governance, third-party risk, vendor management, and...
InfoBytesSpecial Alert: OCC Issues Supplement to Third-Party Oversight Guidance, Emphasizes Bank Responsibilities in Managing Risks in Fintech Relationships
On June 7, 2017, the Office of the Comptroller of the Currency (OCC) issued Bulletin 2017-21 as a supplement to Bulletin 2013-29 , the OCC’s 2013 risk management guidance related to third-party relationships. The OCC’s latest release answers 14 frequently asked questions (FAQs) and marks the second...
ArticlesOCC Supplement Answers Frequently Asked Questions Covering Third-Party Relationships: Risk Management Guidance
On June 7, the OCC released Bulletin 2017-21 , which provides answers to frequently asked questions from national banks and federal saving associations concerning third-party procedure guidance. The Bulletin, issued to supplement Bulletin 2013-29 , “Third-Party Relationships: Risk Management...
InfoBytesFFIEC Releases Update to Cybersecurity Assessment Tool to Aid Institution Preparedness
On May 31, the Federal Financial Institutions Examination Council (FFIEC) announced the release of an update to the Cybersecurity Assessment Tool (CAT) developed to aid institutions in determining their risk profiles, identifying risks, and determining cybersecurity preparedness. The update details...
InfoBytesCFPB Announces Plans to Directly Supervise Service Providers
As previously discussed in InfoBytes , the CFPB released its Spring 2017 Supervisory Highlights , which outlined its supervisory and oversight actions in areas such as mortgage servicing and student loan servicing. The Supervisory Highlights also announced the CFPB’s plans to develop and implement...
InfoBytesFDIC Announces Nationwide Seminars for Bank Officers and Employees
On May 18, the FDIC issued FIL-18-2017 announcing that, between June 6, 2017 and December 4, 2017, it will conduct four identical live seminars regarding FDIC deposit insurance coverage for bank employees and bank officers. The seminars will include an overview of popular topics such as (i) the...
InfoBytesOCC to Host Workshops for Community Bank Directors in June
On June 20 and 21, the OCC will be hosting two workshops in Nashville for directors of national community banks and federal savings associations supervised by the OCC. The June 20 “Credit Risk” workshop will focus on ways to identify trends and recognize problems within a loan portfolio. In...
InfoBytesOCC Issues Revised Comptroller’s Licensing Manual Booklets
On May 8, the OCC announced the release of a revised Fiduciary Powers booklet of the Comptroller’s Licensing Manual , which replaces the version issued in June 2002, and applies to all national banks and federal savings associations proposing to exercise fiduciary powers. This revised booklet...
InfoBytesFHFA Director Appeared Before the Senate Banking Committee on May 11; Discussed Fannie/Freddie, Proposed "Underserved Markets Plans"
On May 11, the Senate Committee on Banking, Housing, and Urban Affairs met in open session at 10:00 a.m. to discuss “The Status of the Housing Finance System After Nine Years of Conservatorship.” Federal Housing Finance Agency (FHFA) Director Mel Watt was the only witness scheduled to testify. The...
InfoBytesGov. Cuomo Announces New Title Insurance Regulations Target Business Gifts, Ancillary Fees and Transactions with Affiliates
On May 1, New York Governor Andrew M. Cuomo announced two new proposed regulations to “crack down on unscrupulous practices in the title insurance industry.” According to the Governor, the proposed measures were drafted in response to an investigation by the state Department of Financial Services...
InfoBytesAmendment to Utah Law Clarifies “Deferred-Deposit” Lender Registration Process; Adds Criminal Background Check
On March 17, Utah Governor Gary Herbert signed an amendment to HB. 40 , Utah’s Check Cashing and Deferred Deposit Lending Registration Act, which modifies registration requirements relating to the disclosure of criminal conviction information for individuals engaged in the business of cashing...
InfoBytesOCC to Host Credit Risk and Operational Workshops for Directors of National Community Banks and Federal Savings Associations; Banking Agencies to Conduct Webinar to Introduce New FFIEC Call Report
On March 2, the Office of the Comptroller of the Currency (OCC) announced that it will host two workshops in Phoenix on April 11-12 for directors of OCC supervised national community banks and federal associations. The Credit Risk workshop (April 11) will cover strategies to recognize trends and...
InfoBytesNYDFS Landmark Cybersecurity Rule Set to Take Effect on March 1
On February 16, New York Governor Andrew Cuomo announced that with the New York Department of Financial Services’ (NYDFS) publication of a Final Regulation , New York’s “First-in-the-Nation Cybersecurity Regulation” is set to take effect on March 1. As discussed previously in InfoBytes , the...
InfoBytesFDIC Releases 2016 Annual Report; Separately, FDIC’s OIG Issues Report Critical of Bank Service Provider Contracts
On February 15, the FDIC released its 2016 Annual Report –which includes, among other things, the audited financial statements of the Deposit Insurance Fund and the Federal Savings and Loan Insurance Corporation (FSLIC) Resolution Fund. The report also provides an overview of key FDIC initiatives,...
InfoBytesSpecial Alert: President Signs Executive Order Calling For Review of Financial Regulations
On February 3, President Trump signed an executive order (the Executive Order) directing the Treasury Secretary and the heads of the member agencies of the Financial Stability Oversight Council (FSOC) to review financial laws and regulations—including the Dodd-Frank Act and regulations implementing...
InfoBytesOCC Supplements Exam Procedures Covering Third-Party Relationships: Risk Management Guidance
On January 24, the OCC released Bulletin 2017-7 advising national banks, federal savings associations and technology service providers of examination procedures issued to supplement Bulletin 2013-29 , “Third-Party Relationships: Risk Management Guidance,” issued October 30, 2013. As previously...
InfoBytesCFPB Clarifies "Flexibility" in Third-Party Risk Management
On November 1, the CFPB issued an update to its previous guidance on risk management for third-party service providers. The update is substantially similar to the Bureau’s previous guidance on third-party risk management, but clarifies that the depth and formality of an entity’s risk management...
InfoBytesCFPB Reissues Guidance on Service Providers
On October 26, the CFPB published Bulletin 2016-02 on service providers to amend previously issued guidance covered in Bulletin 2012-03 . Bulletin 2016-02 seeks to clarify that supervised banks and nonbanks have flexibility in managing the risks of service provider relationships. Specifically, the...
InfoBytesCalifornia AG Harris Launches New Consumer Privacy Tool
On October 14, California AG Harris released an online complaint form designed to help consumers report potential violations of the California Online Privacy Protection Act (CalOPPA). Pursuant to the CalOPPA, commercial websites and online services collecting consumer information are required to...
InfoBytesFederal Banking Agencies Consider Joint ANPR to Address Cybersecurity Standards
On October 19, the FDIC, the OCC, and the Federal Reserve, issued an Advanced Notice of Proposed Rulemaking (ANPR) to further the “development of enhanced cyber risk management standards for the largest and most interconnected entities under their respective supervisory jurisdictions, and those...
InfoBytesMortgage Industry Struggles to Avoid Vendor Management Land Mines
October 3, 2015, marked the official effective date of the long-anticipated, and widely dreaded, TILA-RESPA Integrated Disclosure (TRID) rule. Mortgage professionals have learned from a half-decade deluge of regulation that their TRID fate, along with almost every other aspect of the industry’s...
ArticlesFTC to Host Fourth Start with Security Event
On June 15, the FTC will host its fourth Start with Security event in Chicago, Illinois. Featuring agency representatives Todd Kossow, Maureen Ohlhausen, Cora Han, Jim Trilling, Steve Wernikoff, and Andrea Arias, as well as security experts from various industries, the Start with Security event is...
InfoBytes"Key Points in the CFPB’s Outline of Proposed Rule for Third Party Debt Collectors" By Marshall T. Bell and Walter E. Zalenski (Consumer Finance Law Quarterly Report)
On July 28, 2016 the Bureau of Consumer Financial Protection (CFPB) announced that it is considering proposing a rule to “overhaul the debt collection market by capping collector contact attempts and by helping to ensure that companies collect the correct debt.” The CFPB released several related...
ArticlesFFIEC Updates IT Examination Handbook
On April 29, the FFIEC updated its IT Examination Handbook, revising its Retail Payment Systems booklet to include an Appendix E, Mobile Financial Services . The Retail Payment Systems booklet consists of guidance intended to help examiners evaluate financial institutions’ and third-party providers...
InfoBytesVendor Management in 2015 and Beyond
With evolving regulatory expectations and increased enforcement exposure, financial institutions are under more scrutiny than ever. Nowhere is this more evident than in the management and oversight of service providers. When service providers are part of an institution’s business practice,...
InfoBytesRegulators Turn Up Heat on Vendor Management
The vendor landscape for companies in the mortgage industry has shifted significantly in recent years. State and federal regulators have levied hefty and often unprecedented fines against a number of supervised institutions because of inadequate vendor-management policies and ineffective vendor...
ArticlesMortgage Industry Continues to Bear Brunt of CFPB Regulatory Burdens
In recent years, mortgage industry players have had to quickly adapt to the evolving regulatory environment. The latest scramble for mortgage lenders includes the downstream effects of pending rule changes related to disclosures required in implementing regulations of the Truth-in-Lending Act ("...
ArticlesSpotlight on Vendor Management: Mortgage Industry Continues To Bear Brunt of CFPB Regulatory Burdens
Mortgage industry players have had to adapt quickly in recent years to the evolving regulatory environment, and the latest scramble for mortgage lenders includes the various downstream effects of pending rule changes set to take effect on August 1, 2015, related to disclosures required under the...
InfoBytesSpotlight on Vendor Management: "Brother's Keeper" Enforcement Pattern Becoming the Norm
Two regulatory enforcement matters announced in April offer a view into the current mindset of regulators in the ever-evolving world of vendor management. First, the Federal Communications Commission (FCC) announced a $25 million settlement with a telecommunications carrier related to the...
InfoBytesSpotlight on Vendor Management: Interpreting CFPB Guidance and Enforcement Actions
In April 2012, the Consumer Protection Financial Bureau issued Bulletin 2012-03, a guidance document setting forth the CFPB’s high-level expectations related to the engagement of third party service providers by supervised financial institutions. Since then, the Bureau has often referenced the...
InfoBytesRegulatory Blue Pencil: CFPB Guidance, Enforcement Actions Signal Expanding Focus on Vendor Management
In April 2012, the Consumer Protection Financial Bureau (the ‘‘CFPB’’ or ‘‘Bureau’’) issued Bulletin 2012-03 (the ‘‘Service Provider Bulletin’’), a guidance document setting forth the CFPB’s high-level expectations related to the engagement of third party service providers by supervised financial...
ArticlesSpecial Alert: Federal Reserve Board Guidance on Managing Outsourcing Risks Mirrors Recent OCC Guidance
On December 5, 2013, the Federal Reserve Board (FRB or the Fed) issued Supervision and Regulation Letter 13-19 , which details and attaches the Fed’s Guidance on Managing Outsourcing Risk (FRB Guidance). The FRB Guidance sets forth risks arising out of the use of service providers and the...
InfoBytesSpecial Alert: OCC Updates Third-Party Risk Management Guidance
On October 30, the OCC issued Bulletin 2013-29 to update guidance relating to third-party risk management. The Bulletin, which rescinds OCC Bulletin 2001-47 and OCC Advisory Letter 2000-9, requires banks and federal savings associations (collectively “banks”) to provide comprehensive oversight of...
InfoBytesWhich One of Us Is the Service Provider? The Dodd-Frank Act's Infinite Loop of Oversight
Prudential regulators have advised supervised banks for nearly 30 years about the need for careful diligence of their service providers, but the expectations of the Consumer Financial Protection Bureau (“CFPB” or the “Bureau”) raise both the intensity of these warnings, and the stakes. Title X of...
ArticlesSpecial Alert: CFPB Enforcement Action Targets Marketing of Auto Loans, Add-On Products to Servicemembers
This morning, the Consumer Financial Protection Bureau (CFPB) announced enforcement actions against a national bank and its service provider related to alleged deceptive marketing of auto loans and add-on products to active-duty servicemembers. The CFPB claims that the companies failed to disclose...
InfoBytesEthical Issues in the Digital Age: Navigating E-Discovery Challenges
Elizabeth McGinn and Kristopher Knabe wrote, "Ethical Issues in the Digital Age: Navigating E-Discovery Challenges," which appeared in the American Bar Association's Consumer Litigation Fall Newsletter. Today’s technological changes have fueled an explosive growth of electronically stored...
ArticlesLiabilities for Servicers: Localities Jump in the Game
Jeff Naimon wrote, "Liabilities for Servicers: Localities Jump in the Game," which appears in the October issue of Mortgage Servicing News . As if the federal-state settlement with the largest mortgage servicers didn’t give the servicing industry enough to do, localities, including cities, towns...
ArticlesRising Tide of Operational Risk Demands Due Diligence in Vendor Selection
Considering the potential liability associated with outsourcing by the mortgage banking and mortgage servicing industries, as witnessed by widely publicized high-dollar settlements in government enforcement actions, recent comments of federal financial regulators, and guidance by the Consumer...
ArticlesSpecial Alert: Federal and State Officials File Settlement with Nation's Five Largest Mortgage Servicers
On March 12, 2012, Federal and state officials filed documents in the United States District Court for the District of Columbia formalizing a previously announced settlement (the Settlement) of various government probes into alleged mortgage-related violations by the five largest residential...
ArticlesThe Consumer Financial Protection Bureau's Whistleblower Program: How It Works and What It Means for Financial Services Companies
Whistleblowers are "often the best source of information about waste, fraud, and abuse...." -President Barack Obama On December 15, 2011, the Consumer Financial Protection Bureau (Bureau or CFPB) issued a bulletin announcing its program to collect whistleblower information and law enforcement tips...
ArticlesSpecial Alert: Federal and State Officials Announce Mortgage Servicing Settlement
This morning, U.S. Attorney General Eric Holder, HUD Secretary Shaun Donovan, Iowa Attorney General Tom Miller, and several other state and federal officials jointly announced an approximately $25 billion agreement in principle between the federal government, 49 state attorneys general and the five...
Articles
Regulatory Resources
Agencies
Regulatory Guidance and Resources
- CFPB Automobile Examination Procedures
- CFPB Bulletin 2012-03
- CFPB Bulletin 2012-06
- CFPB Examination Manual
- CFPB Supervisory Highlights
- OCC Bulletin 2013-29
- FRB Supervision and Regulation Letter 14-1/14-1A
- FRB Supervision and Regulation Letter 13-19
- FDIC Financial Institution Letter FIL-44-2008
- FDIC Financial Institution Letter FIL-13-2014 & Attachments to FIL-13-2015: Technology Outsourcing
- FDIC Examination Manual
- FFIEC IT Examination Handbook Booklets
- FFIEC Social Media Guidance
- FFIEC Outsourced Cloud Computing Guidance Summary
- FFIEC Supervision of TSP (10/2012)
- FINRA - Notice to Members 11-14 (proposed reg 3190) - 5/11
- NIST Framework on Cybersecurity
- NYDFS Update on Cyber Security in the Banking Sector: Third Party Service Providers
- NYDFS Report on Cyber Security in the Insurance Sector
- PCI Security Standards Council
- SEC's Division of Investment Management: IM Guidance Update No. 2015-02
- SEC Final Rule: GLB / Reg S-P - Privacy of Customer Information