Mobile banking capabilities — like the banking app on your phone — while a huge innovation, has increased the exposure of banks and consumers alike. The Electronic Banking Working Group of the Federal Reserve System developed an Electronic Banking Examination Checklist to act as a strong baseline to assess banks on. The checklist is described as, “a tool for examiners to document reviews of a state member bank’s Internet website for compliance with applicable consumer protection laws and regulations.”
As consumer trends shift and technology advances, online banking is no longer just a perk offered by larger banks. Customers across the financial services industry now expect online and mobile banking. Private information that needed only be protected by bank branches is vulnerable because of this widespread remote accessibility. Financial institutions of all types and sizes need to perform regular mobile banking risk assessments.
The assessment was released as a hard copy checklist and covers many areas of electronic banking including: compliance management, advertising, privacy, the E-Sign Act, taking applications, online lending, and online deposits. Some questions paint with broad strokes, asking for high-level assertions about the overall structure and functionality of the electronic banking platform. Other questions are far more granular, and allow for a deep dive into potential vulnerabilities