The Agency Insider with Linda McGlasson

Regulatory Reform Heralds Changes

Ex-Regulator Offers Clues to What to Expect Next
Regulatory Reform Heralds Changes

There's a whole lotta shaking going on and still to come after the most sweeping set of changes to the financial regulatory framework was passed this summer.

The Frank-Dodd regulatory reform bill may have held the headlines in June and July, but the real work by regulatory and institutions is coming next.

I recently got the chance to discuss regulatory reform with William Henley, a former Office of Thrift Supervision executive, now at BITS, about these changes that loom over bankers' heads. Here are some of the takeaways he shared with me.

The reality is change is coming, folks, with 200 more potential regulations to add to our stack of compliance headaches. Some of these are going to be big. Like the possible change in how Title 8 is approached by the agencies. Oversight used to be done on an interagency basis. Henley wonders if the Federal Reserve will take that function on now, or just settle for a leadership role in the interagency oversight.

Even without any changes being made yet by the newly-chartered Consumer Financial Protection Bureau and its new head, Elizabeth Warren, the other financial regulatory agencies are taking an expanded approach to the topic. Rather than leaving consumer protection up to the new bureau, agencies are expanding their resources and attention to this area. Both Henley and I agree: This is a good thing.

There are other issues out there on the regulatory front that will cause Maalox moments. The debit card interchange issue could have a pretty big impact on banks, especially community institutions. The issue here: the loss of revenue from debit card activity because of the Federal Reserve's expanded oversight over the setting of interchange fees.

Expect New Guidance

Other upcoming guidance that institutions should be on the watch for: Update to the 2005 Online Banking Authentication guidance. It's no secret that the agencies are working on a refresh, possibly to address mobile banking in particular. As the threats and technology change, the agencies will continue to review this area. So expect new guidance to be issued in the "near future." (In regulatory time, the term "near future" could be three months or a year.)

Henley says not to be surprised to see guidance on cloud computing. One guess what the topic at the agencies' annual technology symposium will be this year - managed security services, an area that is chock-full of cloud-computing vendors offering services.

More than likely the existing vendor management guidance will be the touchstone of any guidance on cloud computing. Regulators will encourage institutions not to be fooled by services offered under a particular name, but rather to focus on the principles that are in the guidance. With the proliferation of all the cloud-computing services and the hype surrounding it, institutions need to stick to sound vendor management practices and adhere to the principles that are already out there.



About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.