WolfPAC Integrated Risk Management has added another association to our already long list of partner groups, by joining the Texas Bankers Association! We are very excited to be a part of the oldest and largest state banking association in the nation, and look forward to different ways we can support this partnership.

You’ve been busy on your business continuity plan ("BCP"). You know how long it will take you to get your systems back up. Your alternate site is selected and ready to spring into action should the need arise. But what about everything that comes before? Do the people in your organization know what to do prior to the disaster declaration? Are you 100% certain they would know what to do and who’s responsible for what? Are you willing to bet the organization on it? If you can’t respond with a resounding yes then conducting a Tabletop Exercise could be the missing piece in your BCP Testing program.

The New York Department of Financial Services (NYDFS) implemented Cybersecurity Requirements for Financial Services Companies with the goal of protecting New York financial service institutions and their customers from cyber-threats. This unprecedented rule covers entities who fall under the authority of the NYDFS, including banks, insurance companies and financial service institutions with limited exemptions based on employee and asset size. Although the rules are effective on March 1^st, there is a transitional period ranging from 180 days to 2 years for the regulatory requirements.

Building a culture of compliance within your institution can be difficult, but it's one of the most important things you can do to ensure your Enterprise Risk Management program is comprehensive, effective, and efficient.

Every month since December, we have hosted a webinar focused on giving our clients and prospects a ton of information about the changes happening to our Information Technology module. We have covered the common controls framework that manages how often you have to input a specific control that spans all technologies. We have showed off our contextual questionnaires that cut down the number of questions your team has to answer for each risk assessment, so they only have to fill out what's relevant to that technology. We've also showed you how to map your controls to your threats, to ensure that you identify any gaps you may currently have in your system, to quickly and easily remediate them.

Every year, the American Bankers Association hosts their ABA Risk Management Conference, focused on the evolution of risk in the financial industry, and the methods used to help analyze and control them within your institution. This year promises to be no different, with over 30 strategic and practical sessions built into the three day conference to help parse through some of the biggest upcoming changes we are likely to encounter.

On March 7th at 11am PST (2pm EST), Mike Cohn, Director of the WolfPAC Solutions Group will be presenting a webinar hosted by Western Independent Bankers:

Last month, the Western Independent Bankers (WIB) hosted the first in a three part Enterprise Risk Management webinar series with Randy Marsicano presenting on the Keys to an Effective ERM program. On February 15^th, Drew Coveney, CIA and Internal Audit Supervisor for Wolf & Company will be presenting the second installment:

Last week, Bharat Nair and Manny Centeio hosted a webinar about the new evolution of the WolfPAC IT Risk Assessment module. During the webinar, Manny walked through many of the administrative functions that cover every IT assessment. Part of this demonstration showed you how to utilize the robust common control framework built into the system. This means that the controls implemented across every technology are only input once, and no longer have to be entered for each individual assessment.

Starting on January 1^st, New York chartered and regulated bank and nonbank institutions will be required to implement and maintain a Transaction Monitoring Program and a Watch List Filtering Program. The purpose of these programs will be to monitor and filter transactions for potential violations to the Bank Secrecy Act (BSA) or Anti-Money Laundering (AML) regulations. This will also work to prevent transactions with sanctions entities.