Entries by Joel Lawrence

Importance of an Overdraft Privilege Service Policy

Consumers should be provided an Overdraft Privilege Service Policy which discloses the limit, fees, and general practices before any limit is assigned, in addition to the standard deposit agreement and fee schedule. The Service Policy needs to be provided at program launch, new account opening or when a consumer account qualifies for Overdraft Privilege. Disclosing […]

No better time to implement a Cloud-Based GRC Solution

Over recent weeks, the ongoing spread of the COVID-19 coronavirus has forced companies around the country to make difficult decisions about how to protect their employees — as well as their communities as a whole.  In an effort to halt the spread of the virus, many organizations are instituting mandatory work-from-home (WFH) policies, engaging with […]

Setting the record straight on excessive use

Lately, there has been a lot of confusion around consumers who ‘abuse’ the overdraft privilege program from our clients.  Our clients have asked us what they should do for their consumers who use the overdraft privilege program on a regular basis and what are the recommended compliance and regulatory practices they should follow for these […]

The Importance of Moving away from Spreadsheets for Vendor Management

Over the past several years, regulators have targeted vendor management as one of their top regulatory concerns. With growing dependence on third parties for services,  the need for effective vendor management programs has increased. While regulatory framework for vendor management has been in place for years, the detailed expectations and efficiency have been missing. Most […]

Technology Service Provider Contracts

Understanding the increase dependence that financial institutions have on technology service providers, bank regulators have increased their efforts to require banks to appropriately handle third-party risk management.  The Federal Deposit Insurance Corporation (FDIC) has identified gaps noted by some examiners regarding several technology service provider contracts that were inadequate under existing guidance.  These contracts were […]

You Can Outsource, But You Cannot Hide

Companies may outsource an activity, but cannot outsource accountability. In today’s economic environment, almost every aspect of a company’s operations can be outsourced efficiently. As a result companies interact with vendors on a daily basis, opening themself up to additional risk. Vendor Risk is a type of Operational Risk associated with the potential risk that […]

Technology Service Provider Contracts

Understanding the increasing dependence that financial institutions have on technology service providers, bank regulators have ramped up their efforts to require banks to appropriately handle third-party risk management. The Federal Deposit Insurance Corporation (FDIC) has identified gaps noted by some examiners regarding several technology service provider contracts that were inadequate under existing guidance. These contracts […]

An independent certified public accountant has examined Strunk’s operations and found them to be in compliance with the AICPA’s Trust Service Principles. It was determined that Strunk meets the Security, Availability, Processing Integrity, Confidentiality, and Privacy criteria for SOC 2 established by the AICPA.