Every month since December, we have hosted a webinar focused on giving our clients and prospects a ton of information about the changes happening to our Information Technology module. We have covered the common controls framework that manages how often you have to input a specific control that spans all technologies. We have showed off our contextual questionnaires that cut down the number of questions your team has to answer for each risk assessment, so they only have to fill out what's relevant to that technology. We've also showed you how to map your controls to your threats, to ensure that you identify any gaps you may currently have in your system, to quickly and easily remediate them.

Every year, the American Bankers Association hosts their ABA Risk Management Conference, focused on the evolution of risk in the financial industry, and the methods used to help analyze and control them within your institution. This year promises to be no different, with over 30 strategic and practical sessions built into the three day conference to help parse through some of the biggest upcoming changes we are likely to encounter.

On March 7th at 11am PST (2pm EST), Mike Cohn, Director of the WolfPAC Solutions Group will be presenting a webinar hosted by Western Independent Bankers:

Last month, the Western Independent Bankers (WIB) hosted the first in a three part Enterprise Risk Management webinar series with Randy Marsicano presenting on the Keys to an Effective ERM program. On February 15^th, Drew Coveney, CIA and Internal Audit Supervisor for Wolf & Company will be presenting the second installment:

Last week, Bharat Nair and Manny Centeio hosted a webinar about the new evolution of the WolfPAC IT Risk Assessment module. During the webinar, Manny walked through many of the administrative functions that cover every IT assessment. Part of this demonstration showed you how to utilize the robust common control framework built into the system. This means that the controls implemented across every technology are only input once, and no longer have to be entered for each individual assessment.

Starting on January 1^st, New York chartered and regulated bank and nonbank institutions will be required to implement and maintain a Transaction Monitoring Program and a Watch List Filtering Program. The purpose of these programs will be to monitor and filter transactions for potential violations to the Bank Secrecy Act (BSA) or Anti-Money Laundering (AML) regulations. This will also work to prevent transactions with sanctions entities.

The American Bankers Association had an interesting chart in their ABA Banking Journal last month, highlighting the Top 6 Risks Expected for 2017. Similar to the predictions we made in our article 10 Financial Industry Trends You Cannot Ignore, Cybersecurity has reached the top of the list, growing 4% from last year’s 66%.

Last month at our 2016 User Conference, Bharat Nair spoke about some exciting changes in the works for our Information Technology Risk Assessment solution. Changes like the new contextual questionnaire format will allow you and your team to complete risk assessments for technologies in just a fraction of the time you normally spend. The new threat and control architecture helps you think strategically about activities you may be missing, while streamlining the documentation within the system with common controls. Built with multi-framework and multi-industry support, we have created a module that delivers both efficiency and strategy in a whole new way.

Whew! We’ve been running around the country for the last two weeks hosting our 8^th Annual WolfPAC User Conference, and the turnout was incredible. Over 100 people from more than 65 different organizations came to one of our two locations to share their experiences and gain valuable insight from our team and other experts. We are so proud to be able to bring this community together to help strengthen risk management within the financial industry as a whole, as well as our individual clients. Thank you to all that attended, for a truly wonderful event.

UDAAP, or the Unfair, Deceptive, Abusive Acts or Practices policy, was put in place to protect customers from being unwittingly harmed by misleading or overtly deceitful actions by financial institutions. Often there is a misconception that UDAAP and regulatory regulations at large are the sole responsibility of the risk manager, and that can lead to miscommunications that inadvertently trickle down to the customer. Marketing and advertising is an area where there needs to be close collaboration between the risk management department and the marketing department to ensure these issues aren’t occurring, and that everyone understands their role in adhering to UDAAP regulations. Here are a couple best practices that can assist in making sure your marketing tactics are on the up-and-up: