12 C.F.R. Subpart C—Standards for Boards and Management
Title 12 - Banks and Banking
The FCA supports E-commerce and wants to facilitate it and other new technologies and innovations to enhance the efficient conduct of business and the delivery of safe and sound credit and closely related services. Through E-commerce, System institutions can enhance customer service, access information, and provide alternate communication systems. At the same time, E-commerce presents challenges and risks that your board must carefully consider in advance. Before engaging in E-commerce, you must weigh its business risks against its benefits. You must also adopt E-commerce policies and procedures to ensure your institution's safety and soundness and compliance with law and regulations. Among other concerns, the policies and procedures must address, when applicable: (a) Security and integrity of System institution and borrower data; (b) The privacy of your customers as well as visitors to your Web site; (c) Notices to customers or visitors to your Web site when they link to an affiliate or third party Web site; (d) Capability of vendor or application providers; (e) Business resumption after disruption; (f) Fraud and money laundering; (g) Intrusion detection and management; (h) Liability insurance; and (i) Prompt reporting of known or suspected criminal violations associated with E-commerce to law enforcement authorities and FCA under part 612, subpart B of this chapter. [67 FR 16631, Apr. 8, 2002; 69 FR 42853, July 19, 2004] When engaging in E-commerce, the business plan required under part 618 of this chapter, subpart J, must describe the E-commerce initiative, including intended objectives, business risks, security issues, relevant markets, and legal compliance. When applicable, internal systems and controls must provide reasonable assurances that System institutions will: (a) Follow and achieve business plan objectives and policies and procedures requirements regarding E-commerce; and (b) Prevent and detect material deficiencies on a timely basis. Records stored electronically must be accurate, accessible, and reproducible for later reference.
Title 12: Banks and Banking
PART 609—ELECTRONIC COMMERCE
Subpart C—Standards for Boards and Management
§ 609.930 Policies and procedures.
§ 609.935 Business planning.
§ 609.940 Internal systems and controls.
§ 609.945 Records retention.
