Blog

Last week was an active week of discussion on issues facing financial services companies. I presented at the 40th annual Roundtable for ISACA’s MN Chapter on The Next Generation of Third-Party Risk Management and attended Deluxe Exchange 2015, where an engaging keynote speech by Sheila Bair, forme ....

The Office of the Comptroller of the Currency (OCC) published final guidelines that establish minimum standards for risk governance frameworks for OCC regulated institutions with over $50 billion in assets. While that asset threshold would seem to specifically exclude most community banks, the OCC h ....

The FFIEC recently released its Cyber Security Assessment observations, after conducting a pilot on cyber security readiness with more than 500 community institutions. A key theme emerging from the observations was the need for enhanced sharing of threat and vulnerability information across the publ ....

As follow up to my previous blog on how the avalanche of regulation can stifle innovation in banks and credit unions, I wanted to share some ideas to start the discussion on organizational steps that you can take to enhance the risk and compliance culture. Maturing the processes internally, requires ....

With the publication of OCC Bulletin 2013-29 as well as numerous recent breaches involving vendors a perfect storm of awareness has arisen not only in the financial services industry but many others as well. The inevitable result will be an emphasis within organizations on better management of the ....

Part III of a IV part series In part II of the four part blog series, Regulators Expectations for Third Party Risk Management, I focused on governance and oversight structures for each phase of the third party relationship lifecycle. Today, I am going to take a deeper dive into managing fourth part ....