Additional Privacy and Insurance Questions Flashcards
Bob Jones, president of First National Bank, does not believe the bank has to do anything to comply with the FFIEC Interagency Guidance. The bank has an information-only Web site, does not offer any online Internet banking services, and only offers telephone banking at this time. Which of the following statements best describes the bank’s responsibility?
Statement 1: The bank does not offer any Internet banking services, so it does not need to worry about the Interagency Guidance at this time.
Statement 2: First National Bank should conduct a risk assessment on their telephone banking services. They should provide written support for the low risk and adequacy of single-factor authentication.
Statement 3: Telephone banking service offers only standard balance and transfer between accounts. No risk assessment is required.
Statement 4: The bank should have information on fraud and identity theft inserted on its Web site for customer awareness. Information should also be available in the bank lobby and should be evaluated periodically.
a. Statement 1 only
b. Statement 2 only
c. Statements 1 and 2
d. Statements 2 and 4
d. Statements 2 and 4
The bank needs to conduct a risk assessment for its telephone banking services and provide support for maintaining single-factor authentication assessment and low risk. The bank is also required to provide customer awareness information to their customers.
Acme Bank offers its customers Internet banking that includes bill payment services, wire transfer initiation, and access to customer account history. Acme has had to spend a substantial amount of money implementing a multifactor authentication system that will continue to be fairly expensive to operate. Which of the following is the best alternative for Acme that will allow the bank to be in compliance with the FFIEIC guidance?
a. The bank could provide the multifactor authentication to all customers who use the Internet banking services
b. The bank could discontinue offering Internet banking to its customers
c. The bank could ask its customers to choose which type of authentication they will use, and disclose the risks involved if the customer decides not to use multifactor methods
d. The bank could restructure its Internet banking product to restrict customer account information and allow transfers only to other accounts owned by the customer
a. The bank could provide the multifactor authentication to all customers who use the Internet banking services
Cutting back or discontinuing its services is not the best answer for the bank. The customers cannot opt out of the multifactor authentication in high-risk transactions.
To which of the following activities does the FFIEC Guidance on Authentication apply?
a. Internet banking only
b. Telephone and Internet banking
c. Call center banking only
d. Internet, telephone, and call center banking
d. Internet, telephone, and call center banking
The guidance covers all types of electronic banking including voice response units, telephone banking, and call center banking where high-risk transactions can be conducted
ACME Bank is reviewing its security program for safeguarding customer information. All but one of the following functions should be included in its review. Which one need NOT be included?
a. The bank’s Internet Web site
b. The bank’s loan operations back office where loan files are kept
c. The bank’s system of disposing of its trash
d. The bank’s printed marketing and promotional materials
d. The bank’s printed marketing and promotional materials
State National Bank’s security officer is preparing for the bank’s annual information security review. Which of the following steps is NOT required for this review?
a. An intrusion test of the bank’s online banking system
b. An audit of the bank lobby during business hours to determine whether customer information is kept private
c. A review of all contracts from service providers with access to bank customer information
d. A review of all outside windows to check for physical security
d. A review of all outside windows to check for physical security
Item (d) is not a requirement of safeguarding customer information. It is, however, a security procedure related to the Bank Protection Act.
Which of the following actions is NOT a requirement of the bank’s directors in implementing an information security program?
a. Approve the information security program
b. Determine whether the information security officer is qualified
c. Physically audit the bank’s online banking system
d. Review management reports on information security periodically
c. Physically audit the bank’s online banking system
This is not a requirement for the board of directors.
If a bank is a government securities broker or dealer, what are its responsibilities when it obtains a Form G-FIN-4 or an MSD-4 from an employee?
a. Retain the form for 10 years
b. Verify the accuracy of all information on the form
c. Verify the accuracy of the information by inquiring of all employers of the employee for the previous three years
d. Verify the accuracy of the information by inquiring of all employers of the employee for the previous five years
c. Verify the accuracy of the information by inquiring of all employers of the employee for the previous three years
When is it permissible for a bank that is a government securities broker or dealer to refrain from filing a Form G-FIN-5 or a Form MSD-5 when an employee terminates the associated person status?
a. When the employee files the form
b. When the bank does not have all the necessary information and notifies its regulatory agency
c. When the employee’s status is reinstated within six months
d. When the employee remains employed by the bank and the bank notifies its regulatory agency
d. When the employee remains employed by the bank and the bank notifies its regulatory agency
What is the maximum number of government securities transactions a bank may have and still remain exempt from the Government Securities Act?
a. 100 per year
b. 250 per year
c. 400 per year
d. 499 per year
d. 499 per year
Which of the following actions is NOT a custodial requirement of the Government Securities Act?
a. Keeping possessory government securities in a vault with dual control access
b. Segregating government securities from bank assets
c. Keeping government securities free of liens, claims, and charges.
d. Issuing safekeeping receipts for securities
a. Keeping possessory government securities in a vault with dual control access
A bank that is a government securities broker accepts money from a customer for the purchase of securities on Monday and does not purchase the securities by the end of the day on Tuesday. Does the bank have any responsibilities under the Government Securities Act?
a. No. The bank has fulfilled its responsibilities under the Act.
b. Yes. The bank must purchase the securities before the close of business on Wednesday.
c. Yes. The bank must deposit the money in an account of the customer at the close of business on Tuesday.
d. No. The bank has until the close of business on Wednesday to purchase the securities before being liable to the customer for failure to effect a purchase.
c. Yes. The bank must deposit the money in an account of the customer at the close of business on Tuesday.
The bank has until the close of business on the day after the day the money is tendered to the bank for the purchase to actually purchase the securities. If it does not, it must deposit the money in the customer’s account and notify the customer of the deposit.
Under what circumstances will a G-FINW (a withdrawal as a government securities dealer) become effective in less than 60 days?
a. If the bank requests a shorter time period
b. If the regulatory agency determines that a shorter time period would be appropriate
c. If the bank ceases doing business as a securities dealer
d. If the bank has no employees that qualify as associated persons
b. If the regulatory agency determines that a shorter time period would be appropriate
When is it possible for a bank to be exempted from compliance with some of the Government Securities Act custodial regulations?
a. When the bank maintains its securities in the ordinary course of business
b. When the bank has procedures in place to make sure it complies with the custodial regulations of its federal regulatory agency
c. When the bank does not hold itself out as a government securities broker or dealer
d. When the bank uses more than the normal standard of care when maintaining possession and control of securities
b. When the bank has procedures in place to make sure it complies with the custodial regulations of its federal regulatory agency
A financial institution that is regulated by a federal agency and has policies and procedures in place to ensure that the agency’s regulations are followed regarding custody of securities may be exempted from a portion of the custodial requirements of the Government Securities Act. A bank that does not hold itself out as a government securities dealer and that does not actively solicit government securities business may be exempt from registration requirements but is still covered by custodial requirements.
Which of the following entities is exempt from the requirements of the Government Securities Act?
a. A bank that operates a securities underwriting department to provide underwriting services to issuers of government securities
b. A national bank that purchases and sells government securities only in its fiduciary capacity on behalf of clients in its trust department
c. A bank that operates a financial advisory service that provides advice to clients on the purchase and sale of government securities
d. A bank that operates an investment department to provide investment advice and purchase and sell all types of securities (including government securities) for clients
b. A national bank that purchases and sells government securities only in its fiduciary capacity on behalf of clients in its trust department
The national bank that purchases and sells government securities only in its fiduciary capacity to trust department clients is not considered to be an associated person, and therefore is exempt from the requirements of the Government Securities Act.
Transactions with which of the following government securities would NOT subject a bank to the registration requirements of the Government Securities Act?
a. Obligations of the Farm Credit System
b. GNMA securities
c. U.S. Savings Bonds
d. FNMA obligations
c. U.S. Savings Bonds