Maintaining compliance with federal regulations can be resource-intensive for financial institutions, and state laws and regulations add to the burden. Two current hot topics for state compliance include data privacy and the Telephone Consumer Protection Act (TCPA). Let’s take a closer look at the state-level regulatory landscape in these areas. This information is not intended to be comprehensive or constitute legal advice. Consumer Data Privacy In the absence of a comprehensive federal data privacy…
This month’s roundup of recent news and developments in the world of governance, risk, and compliance (GRC) for financial services includes: Cybersecurity disclosure rules BSA/AML examination manual updates ESG a top procurement concern Data breach costs Let’s dive in: SEC issues new cybersecurity incident disclosure rules On July 26, the Securities and Exchange Commission (SEC) adopted rules “requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material…
Financial institutions are expected by their regulators to periodically monitor exposure to existing and emerging risks. This monitoring of risk exposure keeps the institution in the know and helps prevent operational surprises, disruptions, and other negative events. In its recent Semiannual Risk Perspective, the Treasury Department’s Office of the Comptroller of the Currency (OCC) warned that operational and compliance risks remain elevated and financial institutions need to “remain diligent and confirm the effectiveness of…
The July Regulatory Compliance Briefing includes recent alerts, advisories, and pending actions to be aware of this month. (more…)
Debating whether it’s necessary to do an annual risk assessment on a particular compliance risk category? (Fill in the blank: BSA/AML/OFAC, ACH, fair lending, or any other regulatory topic.) First, consider whether you’re performing the risk assessment solely because some regulatory body or other entity requires it. If the answer is yes, you might be missing the point. A risk assessment is for management’s use — to review the results and make meaningful and…