Tag: cyber security

Categories
Financial Institutions and Banking

Bank Wire

Crypto-assets: Handle with care

In January 2023, the federal banking agencies published “Joint Statement on Crypto-Asset Risks to Banking Organizations.” The statement cautions banks to be aware of — and, if applicable, mitigate — the risks associated with crypto-assets. According to the statement, these risks include:

  • Fraud and scams,
  • Legal uncertainties regarding custody practices, redemptions and ownership rights,
  • Inaccurate or misleading representations or disclosures, including misrepresentations regarding FDIC coverage,
  • Significant volatility, including potential impacts on deposit flows,
  • Stablecoins’ susceptibility to run risk,
  • Contagion risk resulting from interconnections among crypto-asset participants,
  • Lack of mature, robust risk management and governance practices in the crypto-asset sector, and
  • Heightened risks associated with open, public or decentralized networks (for example, lack of governance mechanisms, absence of contracts, or standards to clearly establish roles, responsibilities and liabilities).

The statement instructs banks to “ensure that crypto-asset-related activities can be performed in a safe and sound manner, are legally permissible, and comply with applicable laws and regulations,” including consumer protection laws. Notably, the statement opines that “issuing or holding as principal crypto-assets that are issued, stored, or transferred on an open, public, and/or decentralized network, or similar system is highly likely to be inconsistent with safe and sound banking practices.”

Be prepared to report computer security incidents

As concerns over cybersecurity intensify, banks should be prepared to report computer security incidents to federal regulators quickly. Under a rule that took effect last spring, banks must report computer security incidents that rise to the level of a “notification incident” within 36 hours. The rule defines “computer security incident” as an “occurrence that results in actual harm to the confidentiality, integrity, or availability of an information system or the information that the system processes, stores, or transmits.” These incidents aren’t limited to cyberattacks — they also can result from hardware or software failures, human error or other nonmalicious causes.

A computer security incident is deemed to be a notification incident if it’s reasonably likely to materially disrupt or degrade a bank’s 1) ability to carry out banking operations, activities or processes, or deliver products and services to customers, 2) business lines whose failure would result in a material loss of revenue, profit or franchise value, or 3) operations whose failure would pose a threat to U.S. financial stability. All banks should have procedures in place for identifying notification incidents and reporting them to their primary regulators on a timely basis.

© 2023

Categories
Dyersburg, TN Helpful Articles Henderson, KY Henderson, TN Jackson, TN Martin, TN Memphis, TN Milan, TN Murray, KY Nashville, TN Owensboro, KY Paris, TN Trenton, TN Tupelo, MS Union City, TN

6 Key IT Questions to Ask in the New Normal

The sudden shutdown of the economy in March because of the COVID-19 pandemic forced many businesses to rely more heavily on technology. Some companies fared better than others. Many businesses that had been taking an informal approach to IT strategy discovered their systems weren’t as robust and scalable as they’d hoped. Some may have lost ground competitively as fires were put out and employees got back up to speed in an altered working environment.

To keep your approach to technology relevant, you’ve got to regularly reassess processes and assets. Doing so is even more important in the new normal. Here are six key questions to ask: 

  1. What are our users saying? Every successful IT strategy is built on a foundation of plentiful user feedback. Talk with (or survey) your employees about what’s happened over the last few months from a technology perspective. Find out what’s working, what isn’t and why. 
  2. Do we have information silos? Most companies today use multiple applications. If these solutions can’t “talk” to each other, you may suffer from information silos — when different people and teams keep data to themselves. Shifting to a more remote workforce may have worsened this problem or made it more obvious. If it’s happening, determine how to integrate critical systems. 
  3. Do we have a digital file-sharing policy? Businesses used to generate tremendous amounts of paperwork. Sharing documents electronically is much more common now but, without a formal approach to file sharing, things can still get lost or various versions of files can cause confusion. Implement (or improve) a digital file-sharing policy to better manage system access, network procedures and version control. 
  4. Has our technology become outdated? Along with being an incredible tragedy and ongoing problem, the pandemic is accelerating change. Technology that may have been at least passable before the crisis may now be falling far short of optimal functionality. Look closely at whether your business may need to upgrade hardware, software or platforms sooner than you previously anticipated. 
  5. Do employees need more training? You may have implemented IT changes over the past few months that employees haven’t fully understood or have adjusted to in problematic ways. Consider mandatory training and ongoing refresher sessions to ensure users are taking full advantage of available technology and following proper procedures. 
  6. Are your security protocols being followed? Changes made to facilitate working during the pandemic may have exposed your systems and data to threats from disgruntled employees, outside hackers and ever-present viruses. Make sure you have a closely followed policy for critical actions such as regularly changing passwords, removing inactive users and installing security updates. ATA Secure can help answer any data security question. They have the ability to secure networks from the inside and outside.  Learn more about our data security partners here.

Technology has played a critical role in enabling businesses to stay connected internally, communicate with customers and remain operational during the COVID-19 crisis. Our firm can help you assess your IT strategy in today’s economy and identify cost-effective process changes and budget-conscious asset upgrades. For more information, visit ATA Tech.  © 2020