Summary:
The Federal Financial Institutions Examination Council (FFIEC) has issued a new appendix, Mobile Financial Services , to the Retail Payment Systems booklet of the FFIEC Information Technology Handbook . The appendix provides guidance to assist examiners in evaluating the risks associated with mobile financial services.
Statement of Applicability to Institutions with Total Assets under $1 billion: This Financial Institution Letter applies to all FDIC-supervised institutions.
Highlights:
- The appendix emphasizes an enterprise-wide risk management approach for effectively managing and mitigating the risks associated with mobile financial services.
- The appendix discusses the technologies used in the mobile delivery channel, elevated risks that may result, and appropriate controls implemented by institutions or third-party providers.
- The appendix contains a work program to assist examiners in determining the risks posed by an institution's mobile financial services and assessing the controls that have been implemented to mitigate those risks.
- An electronic version of the appendix, as well as an FFIEC press release, is available at http://www.ffiec.gov/press.htm .
Suggested Distribution:
- FDIC-Supervised Banks (Commercial and Savings)
Suggested Routing:
- Chief Executive Officer
- Chief Information Officer
- Chief Information Security Officer
Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center, 3501 Fairfax Drive, E-1002, Arlington, VA 22226 (1-877-275-3342 or 703-562-2200).
FIL-31-2016