-
Information Technology – Strategic Planning
Whether you think Information technology (IT) is a strategic asset to an organization or just a cost center that needs to be minimized, IT strategic planning at some level is necessary if the organization wants to hit its objectives more efficiently and effectively.
-
NCUA Announces Change to CECL Effective Date That Helps Align Credit Unions with Accounting Standards
On July 20, 2022, the NCUA issued an Accounting Alert, superseding the alert that was issued on March 9 of the same year. This new alert states that all federal credit unions may now adopt CECL based on their audited financial reporting year if this is different from its fiscal year.
-
State Pass-through Entity Tax Election – Should Your S Corporation Bank Make the Election?
With Ohio being the latest state to pass legislation allowing a pass-through entity tax (PTET) election in June 2022, nearly 30 states now allow S corporations and partnerships (pass-through entity or PTE) to be assessed an elective entity-level tax. This workaround is in response to the Tax Cuts and Jobs Act (TCJA) limiting the state and local tax (SALT) deduction for individuals who itemize to $10,000 through tax year 2025. Is it beneficial for your S corporation bank to make the PTET election?
-
Unintended Consequences of Ransomware
In December of 2021, the Office of the Comptroller of Currency (OCC) stated that all Financial Institutions must have ‘robust’ systems to identify threats and vulnerabilities in their technology. The OCC went on further to state that Financial Institutions should back up key systems and records in isolation to guard against hackers looking to disrupt systems for payout.
-
BSA / OFAC Matters: New Sanctions Against Russia and Belarus
On May 8, 2022, by the United States, through the Office of Foreign Assets Control (OFAC), introduced new sanctions against Russia and Belarus . The new sanctions will take effect on June 7, 2022. Read on to learn more.
-
What You Should Know About the FTC Updates to the GLBA Standards for Safeguarding Customer Information Rule
Amendments to the Standards for Safeguarding Customer Information incorporate five key compliance changes for financial institutions. The new Rule provides additional detail to existing information security program criteria, increases accountability for program reporting, expands upon the definition of a financial institution, incorporates additional terminology definitions, and offers an exemption for smaller institutions.
-
The Importance of a Risk Based Audit Plan
What is your process to create your internal audit plan? Gone are the days of pulling together an internal audit plan on the fly basing your decision on a rotational schedule, auditable areas that had the most exceptions in the previous year, or what areas may fit into your budget.
-
Will the Cyber Incident Reporting for Critical Infrastructure Act of 2022 help or confuse Financial Institutions?
Recent legislation drives 72-hour timeline for notification of data breach and 24-hour notification of ransomware payment.
-
Digital / Online Payment Systems Risk
There are several payment systems available today to enhance the ease and convenience of making financial transactions. Payment systems continue to be developed and offered by both financial and non-financial institutions with just a few clicks to authenticate and transmit funds. The audience of these newly introduced applications are dependent upon the respective vendors to ensure that all required controls have been implemented to protect the data at rest as well as during transmission. Regulatory bodies have also addressed these risks through additional compliance requirements, and established frameworks continue to heighten industry standards to further guide organizations to reduce risk to an acceptable level.
-
Computer-Security Incident Notification Requirements
In fall 2021, the banking agencies issued a final ruled regarding computer-security incident notifications. See how this new rule impacts your bank.