Appendix D: Laws, Regulations, and Guidance

Sources

Laws

Resource TitleTypeDate
15 USC 1601: Truth in Lending Act Laws N/A
12 USC 1861-1867(c): Bank Services Company Act Laws N/A
12 USC 4001: Expedited Funds Availability Act Laws N/A
12 USC 5001: Check Clearing for the 21st Century Act Laws N/A
15 USC 1681m(e): Fair Credit Reporting Act Laws N/A
15 USC 1693: Electronic Funds Transfer Act Laws N/A
15 USC 6801 and 6805(b): Gramm-Leach-Bliley Act Laws N/A
18 USC 1 (Pub. L. No. 107-56): USA Patriot Act Laws N/A
31 USC 5311: Bank Secrecy Act Laws N/A

Federal Financial Institutions Examination Council

Resource TitleTypeDate
Authentication and Access to Financial Institution Services and Systems Guidance August 2021
Authentication in an Internet Banking Environment Guidance October 2005

Bank Secrecy Act/Anti-Money Laundering InfoBase

 Guidance N/A

Check 21 InfoBase

 Guidance N/A

Federal Reserve Board

Resource TitleTypeDate
12 CFR 210, Subparts A and B (Regulation J) Regulations N/A
12 CFR 205 (Regulation E) Regulations N/A
12 CFR 226, Truth in Lending (Regulation Z) Regulations N/A
12 CFR 229, Subparts A, B, and C (Regulation CC) Regulations N/A
SR Letter 09-2: FFIEC Guidance Addressing Risk Management of Remote Deposit Capture Activities Regulations January 14, 2009
Board of Governors of the Federal Reserve System Payments System Risk (PSR) Policy Guidance December 19, 2008
SR Letter 07-15: Release of Revised FFIEC Bank Secrecy Act/Anti-Money Laundering Examination Manual Regulations August 24, 2007
SR Letter 05-19: Interagency Guidance on Authentication in an Internet Banking Environment Guidance October 13, 2003
SR Letter 01-15: Safeguarding Customer Information Guidance June 7, 2001
SR Letter 01-11: Identity Theft and Pretext Calling Guidance April 26, 2001
SR Letter 00–17: FFIEC Guidance on the Risk Management of Outsourced Technology Services Guidance November 30, 2000
SR Letter 00-04: Outsourcing of Information and Transaction Processing Guidance February 29, 2000
SR Letter 93-64: Credit Card-related Merchant Activities Guidance December 18, 1993

Federal Deposit Insurance Corporation

Resource TitleTypeDate
FIL 4-2009: Risk Management of Remote Deposit Capture Guidance January 14, 2009
FIL 129-2008: New General Counsel's Opinion No. 8, Stored Value Cards and Other Nontraditional Access Mechanisms Guidance November 13, 2008
FIL 127-2008: Guidance on Payment Processor Relationships Guidance November 7, 2008
FIL 44-2008: Guidance on Managing Third-Party Risk Guidance June 6, 2008
FIL 32-2007: Identity Theft - FDIC's Supervisory Policy on Identity Theft Guidance April 11, 2007

Credit Card Activities Manual

 Guidance March 2007
FFIEC Guidance Authentication in an Internet Banking Environment, FIL 103-2005 Guidance October 2005
FIL 7-2005: Fair and Accurate Credit Transactions Act of 2003, Guidelines Requiring the Proper Disposal of Consumer Information Guidance February 2, 2005
FIL 116-2004: Check Clearing for the 21st Century Act Guidance October 27, 2004
FIL 39-2001: Identity Theft and Pretext Calling Guidance May 9, 2001
FIL 79-98: Electronic Financial Services and Consumer Compliance Guidance July 16, 1998

National Credit Union Administration

Resource TitleTypeDate
NCUA Letter to Credit Unions, 09-CU-01: Risk Management of Remote Deposit Capture (with Enclosure) Guidance January 2009
NCUA Letter to Credit Unions, 07-CU-13: Supervisory Letter - Evauluation Third Party Relationships Guidance December 2007
NCUA Corporate Credit Union Guidance Letter 07-04: Accounting for Future-Dated Automated Clearing House (ACH) Transactions Guidance October 2007
NCUA Letter to Credit Unions 06-CU-14: Bank Secrecy ACT (BSA)/Anti-Money Laundering (AML) Manual Interagency Outreach Guidance September 2006
NCUA Letter to Credit Unions 05-CU-18: Guidance on Authentication in Internet Banking Environment Guidance November 2005
NCUA Letter to Credit Unions 05-CU-16: Bank Secrecy Act Compliance Guidance October 2005
NCUA Regulatory Alert 05-RA-02: Suspicious Activity Reports on OFAC blocked transactions Guidance January 2005
NCUA Regulatory Alert 04-RA-12: Check 21 Act Guidance October 2004
NCUA Regulatory Alert 03-RA-07: Final Patriot Act Regulations on Customer (Member) Identification Guidance May 2003
NCUA Letter to Credit Unions, 01-CU-09: Identity Theft and Pretext Calling Guidance September 2001
NCUA Letter to Credit Unions, 01-CU-11: Electronic Data Security Overview Guidance August 2001
NCUA Regulatory Alert 01-RA-08: Interim Final Rules Amending Regulations B, E, M, Z, and DD - Electronic Delivery of Required Disclosures Guidance August 2001
NCUA Letter to Credit Unions, 00-CU-11: Risk Management of Outsourced Technology Services (with Enclosure) Guidance December 2000
NCUA Regulatory Alert 99-RA-3: Pretext Phone Calling by Account Informa-tion Brokers Guidance February 1999

Office of the Comptroller of the Currency

Resource TitleTypeDate
Office of the Comptroller of the Currency (OCC) Comptroller’s Handbook: Depository Services Guidance November 19, 2008
OCC Bulletin 2009-4: Remote Deposit Capture: Interagency Guidance Guidance January 14, 2009
OCC Comptroller’s Handbook: Truth in Lending Guidance October 6, 2008
OCC Bulletin 2008-12: Payment Processors: Risk Management Guidance Guidance April 24, 2008
OCC Bulletin 2006-39: Automated Clearing House Activities: Risk Management Guidance Guidance September 1, 2006
OCC Bulletin 2006-06: Bank Secrecy Act/Anti-Money Laundering: Joint Statement on Sharing Suspicious Activity Reports with Controlling Companies Guidance January 27, 2006
OCC Bulletin 2005-13: Response Programs for Unauthorized Access to Customer Information and Customer Notice: Final Guidance Guidance April 14, 2005
OCC Advisory Letter 2004-6: Payroll Card Systems Guidance May 14, 2004
OCC Bulletin 2003–01: Credit Card Lending, Account Management and Loss Allowance Guidance Guidance January 8, 2003
OCC Comptroller's Handbook: Merchant Processing Guidance December 2001
OCC Bulletin 2001-47: Third Party Relationships, Risk Management Principles Guidance November 1, 2001
OCC Bulletin 2001-6: Expanded Guidance for Subprime Lending Programs Guidance January 31, 2001
OCC Advisory Letter 2000-10: Payday Lending Guidance November 27, 2000
OCC Advisory Letter 2000-9: Third-Party Risk Guidance August 29, 2000
OCC Advisory Letter 2000-6: Audit and Internal Controls Guidance July 23, 2000
OCC Bulletin 2000-20: FFIEC Uniform Retail Credit Classification and Account Management Policy Guidance June 22, 2000
OCC Bulletin 2000-16: Risk Modeling, Model Validation Guidance May 30, 2000
OCC Bulletin 2000-3: FFIEC Consumer Credit Reporting Practices Guidance February 16, 2000
OCC Bulletin 99-15: Subprime Lending: Risks and Rewards Guidance April 5, 1999
OCC Bulletin 99-10: Interagency Guidance on Subprime Lending Guidance March 5, 1999
OCC Bulletin 98-3: Technology Risk Management: Guide for Bankers and Examiners Guidance February 4, 1998
OCC Bulletin 97-24: Credit Scoring Models, Examiner Guidance Guidance May 20, 1997
OCC Advisory Letter 96-7: Credit Card Pre-Approved Solicitations Guidance September 26, 1996

Office of Thrift Supervision

Resource TitleTypeDate
12 CFR Part 570: Interagency Guidelines Establishing Standards for Safeguarding Customer Information, Appendix B Regulations N/A
RB 37-37: Electronic Fund Transfer Act Guidance May 5, 2009
CEO Letter 291: Risk Management of Remote Deposit Capture Guidance January 14, 2009
CEO Letter 273: Compliance with Truth in Savings and Electronic Transfer Act Rules: Government Accountability Office Report 08-281 Guidance April 25, 2008
CEO Letter 228: Interagency Guidance on Authentication in an Internet Banking Environment Guidance October 13, 2005
CEO Letter 214: Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice Guidance March 30, 2005
RB 37-10: Check 21 Guidance February 18, 2008
Thrift Bulletin 82a: Third Party Arrangements Guidance September 1, 2004
CEO Letter 90: FFIEC Information Technology Examination Handbook- Audit Booklet, Electronic Banking Booklet Guidance July 23, 1998
CEO Letter 113: Internal Controls Guidance July 14, 1999
Examination Handbook: Section 218, Credit Card Lending Guidance N/A
Thrift Activities Handbook: Section 340, Internal Control Guidance December 2003
Thrift Activities Handbook: Section 341, Technology Risk Controls Guidance January 2002
Thrift Activities Handbook: Section 580, Payment Systems Risk Guidance January 1994
Examination Handbook: Section 1330, Electronic Funds Transfer Act Guidance N/A
Examination Handbook: Section 1335, Expedited Funds Availability Act Guidance N/A
Examination Handbook: Section 1336, Check 21 Guidance N/A

Check Clearing for the 21st Century Compliance InfoBase, OTS Press Release 04-43

 Guidance October 2004

 

Previous Section
Appendix C: Schematic of Retail Payments Access Channels & Payments Method		Next Section
Appendix E: Mobile Financial Services