T
he
Federal Deposit Insurance Corporation (FDIC) is educating their members on
the new perils associated with a bank or thrift’s use of Web technology,
as we enter the twenty-first century. Including a bank or thrift’s Web
page as an element of an annual audit is just the beginning of the
expected changes by the FDIC. In early 1997 only 130 banks and thrifts in
the U.S. had a Web page, and only one was connected for commerce. So,
it’s understandable that the FDIC was surprised when the 2000 interim
report found that 4,000 banks currently have a Web page and 250 of them
are connected for commerce. These findings mean that 40% of all banks have
“gone online” in just three years, with 12% being commerce-enabled.
Interestingly,
the FDIC is more concerned about those banks that have a simple brochure
site than those that have full-scale commerce capabilities. Using bank
surveys, the FDIC has noted that generally brochure sites tend to be built
and left alone for significant periods, outsourced for construction and
maintenance, and often hosted by outsourced providers. This means that
these sites may not be reviewed often by the financial institution and
consequently are subject to being “spoofed” by criminals, without a
bank representative noticing in any reasonable timeframe. This may be
enough time for a criminal to create online loan and deposit information
that is transmitted to a location other than the bank.
The
FDIC has new regulations regarding a bank’s use of Web technology. They
want careful review of Web resources, and reviews and audits of Internet
resource providers to financial institutions. This particular development
could have a chilling effect on ISO system integrators and even the
continued development of competition.
Finally,
the government remains concerned about consumer protection and minimizing
consumer confusion in the Web space/land rush. One of their concerns
relates to banks who use different names on the Web than those used in the
brick and mortar world. Marlene M. Baer, FDIC IS Examination Specialist,
pointed out that branding issues, such as WingspanBank.com and BankOne
being one and the same, can be a problem for consumers. Given the fact
that Federal Deposit Insurance does not exceed $100,000 per financial
institution, a consumer could be mislead into believing that they had
coverage from both Wingspan and BankOne, which, of course, is not true.
Keep
an eye out for future articles on this subject. We will be working on
stories about both the Office of the Controller of the Currency (OCC)
approval of Internet-Only banks, as well as the actual audit guidelines
for FDIC Internet provider audits and reviews, to keep watch on both the
potential opportunities and problems for ISOs.
Overall,
the development of audit and review requirements at the federal level,
while understandable, is not really the “hands-off-the-Internet”
environment that we might have expected.
Back
| Next
© Copyright
1995-2000
The Green Sheet, Inc. |