NACHA, the electronic payments association that manages the ACH network, released in July advice to help banks implement the Federal Financial Institutions Examination Council's updated guidelines for securing Internet banking. The FFIEC's Supplement to Authentication in an Internet Banking Environment, released in 2011, updates previous FFIEC regulatory guidelines for financial institutions and includes additional requirements for fraud prevention measures and policies.
NACHA managing director Deborah Shaw says the association thought it would be helpful to provide a resource for banks as they implement the supplement's provisions. NACHA's Sound Business Practices for Implementing Provisions of the Supplement were developed by the organization's Risk Management Advisory Group, with input from financial institutions and regional payments associations. The prescribed best practices are drawn from "real-life experiences of different financial institutions," according to Shaw. "It's an opportunity to see what your peers are doing and what you can learn from them."
NACHA's recommended best practices cover five areas of transaction security: risk assessments; customer authentication for high-risk transactions; layered security programs; the effectiveness of certain authentication methods; and customer education.
Please click through to see the first step.
Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ... View Full Bio