This article highlights some key website compliance issues and can be used as a guide to assist financial institutions in evaluating the overall effectiveness of their compliance management program for electronic banking delivery systems.
All electronic banking delivery systems, regardless of size or complexity, should be integrated into a financial institution's compliance management process. The major elements of an effective compliance management system are as critical to electronic banking as they are to banking through traditional delivery systems. An effective compliance management system contains two key components — board and management oversight and a compliance management program.
Board and Management Oversight
A financial institution's board and management should recognize the consequences associated with noncompliance and devote sufficient resources to ensure that the compliance program covers electronic banking systems. Management is also responsible for instilling a compliance culture throughout the organization, including the administration of electronic banking systems.
Compliance Management Program
A carefully devised, implemented, and monitored compliance management program will provide a solid foundation for ensuring compliance in an electronic banking system. Compliance policies and procedures should be developed to provide comprehensive guidance for all personnel who develop, maintain, and/or administer these systems. In addition, the policies should address the bank's compliance, audit, and/or internal control systems. Specifically, all banks should have some process in place for reviewing the electronic element of the products they offer. Audit, legal, and compliance, or some combination of these three divisions, should be involved in the compliance review of electronic products.
Common Compliance Issues
The compliance risk associated with an electronic banking site can be related to the degree of complexity of services provided. However, even a basic website can contain violations of consumer regulations. While reviewing websites for compliance with consumer regulations, Federal Reserve examiners have identified three areas of specific weakness in addition to general website requirements — loan advertisements, deposit advertisements, and nondeposit investment products. Not surprisingly, many weaknesses in website compliance are also weaknesses in general compliance processes.
Nondeposit Investment Products
Financial institutions advertising or selling nondeposit investment products online should ensure that consumers are informed of the risks associated with nondeposit investment products. Online advertisements should minimize the possibility of customer confusion and prevent any inaccurate or misleading impression about the nature of the nondeposit investment product or its lack of FDIC insurance. Specifically, websites advertising nondeposit investment products should comply with the following provisions.
The issues presented in this article are guidelines that can be used to determine how well financial institutions stack up in their compliance efforts with respect to electronic delivery systems. However, there are several complex compliance issues associated with website advertisements. Those delineated in this article provide a basic framework for financial institutions to evaluate the overall effectiveness of their current compliance program for electronic delivery systems.
If you have any questions regarding compliance programs for electronic banking delivery systems, please contact Connie Wallgren, Vice President and Chief Examinations Officer at (215) 574-6217.
The views expressed in this article are those of the author and are not necessarily those of this Reserve Bank or the Federal Reserve System.