December 2010 - Volume 5, Issue 73

Get the most out of Funds Availability without the complexities. Read our new Reg CC White Paper...



Congratulations to last quarter's winner, Lisa Bartoe, American River Bank, in Rancho Cordova, CA. Lisa won an iPod nano just for sharing her opinion. And you can too! Just complete our reader survey & you'll be entered in our iPod drawing. Check back monthly to see if you're the next winner.









2010 OFAC Fines Top $200 Million
Busting Through the Biggest OFAC Myths to Learn the Types of Companies Being Fined and the Reasons Why
By Lori Moore, CRCM, Director of Compliance

What do an oil refiner, a jeweler, a major hotel chain, a global shipper, an aviation company and an international bank have in common? Actually, they have several things in common, four to be exact. One, they are all ending 2010 with a lot less cash than they started with, and not because of the economy. They’ve all had a visit from the Office of Foreign Assets Control (OFAC) that left them holding the bag for some of the heftiest fines meted out in 2010 by the U.S. Treasury Department. Two, they are all scrambling to implement or improve their compliance programs as part of their settlement with OFAC. Three, they are trying to repair their corporate reputations after being publicly chastised on OFAC’s Civil Penalties and Enforcement Information Chart, which is picked up by major media outlets as well as industry-specific publications. And four, they would all tell you that OFAC and its sanctions programs are not myth; they are very real indeed.





GLBA Today - Does Your Information Security Program Still Comply?

In response to the requirements set forth by the Gramm-Leach-Bliley Act (GLBA) of 1999, the Interagency Guidelines Establishing Information Security Standards were jointly issued and codified by each federal banking agency. As a result, each financial institution is required to develop a comprehensive risk-based information security program that includes administrative, technical, and physical safeguards which address and mitigate the various security risks within your entire organization. Designed in accordance with the Interagency Guidelines as well as related guidance issued by the FFIEC, this webinar features revised content and focuses on the required program components and the ongoing process of risk assessment and management.

Speaker: 

Lori Moore, CRCM 
Director of Compliance
ATTUS Technologies

1/13/2010 3:00PM to 4:00PM ET






Question: How do you get the ODFI to include the customer's name on POPs and ARCs? They will only give us an account number but we need the name as well. This would speed the processing and we would not have to return the item due to not being able to verify the customer.


Answer: 
 
Editor's note: Based on feedback from our readers, we’re revisiting last month’s Expert question. Here’s an additional explanation.

The “Individual Name” field is an optional field for ARC and POP entries as well as BOC; providing this information is at the discretion of the Originator. However, if they choose to use this field, it could include the Receiver’s name or a reference number used by the merchant to identify the customer’s transaction. It is important to note that these types of entries cannot be returned R03 – No Account/Unable to Locate Account based solely on the fact that the Receiver’s name in the “Individual Name/Receiving Company Name” field is not present (see OR 110).

To re-read last month's answer, click here. And, thanks to those who provided feedback! We love hearing from our readers.

Got a question on a tricky regulation? We want to hear from you. Submit your question and an expert will answer it in a future issue.



WikiLeaks: Stronger Access Management Needed
Was a Process Failure Preordained?
By Eric Chabrow, govinfosecurity.com

Not adequately implementing access management - deciding who should gain entry not only to an IT system but to specific data, as well - is a major process failure that led to the WikiLeaks leaks, the unauthorized access and downloading of 250,000 sensitive and classified diplomatic cables and other files.

Simply, if properly configured, an access-governance system might have prevented an Army private from extracting the diplomatic cables. The government alleges that Pfc. Bradley Manning, an Army intelligence analyst, illicitly downloaded the files through a Secret Internet Protocol Router and saved them to a disk, which he provided WikiLeaks. Though Manning had security clearance - his job was to route intelligence reports to his superiors - it's unclear why he would or should have authorization to access and download State Department reports.



FinCEN Rule Strengthens SAR Confidentiality
Provides Guidance to Permit Sharing with Affiliates

The Financial Crimes Enforcement Network (FinCEN) recently released a final rule, Confidentiality of Suspicious Activity Report, as well as an advisory, two guidance documents, and a Notice of Availability of Guidance that together clarify and strengthen the scope of Suspicious Activity Report (SAR) confidentiality, and expand the ability of certain financial institutions to share SAR information with most affiliates.



Money, Happiness and Motivation
Workers got a surprise at their recent Christmas party - a $10M surprise
By Bob Selden, management-issues.com

The owner of Yabulu Nickel Refinery, Clive Palmer, gave each of his 800 employees a gift in recognition of their achievements over the past 18 months. These gifts were not your normal box of chocolates or bottle of wine. They were much more.

In fact, 55 of his employees received Mercedes Benz cars, 750 will enjoy a luxury holiday for two in Fiji, and 50 who have recently joined the business received weekend stays at 5-star resorts.

All reports suggest the workers (yes, these are rank and file workers, not senior management) are very happy with their gifts.

While you may not have the resources to give away cars, here's what you can do...



© 2010 ATTUS Technologies. All rights reserved.
13860 Ballantyne Corporate Place, Suite 200, Charlotte, NC 28277.