Make Website Compliance Reviews A Core Part of Your Digital Strategy

Jennifer Roland-Vlach
Jul 20, 2020

Website compliance reviews should be a part of your regular digital strategy.

Recent years have seen an increasing focus on the digital presence of financial institutions (FIs). And in the current COVID-19 era, FIs are feeling even more pressure to go digital.

Consider the number of eBanking services that you now offer, your online applications, and social media presence. More than likely, your FI’s website is the launching point for almost all these services. This means your website is becoming an increasingly important part, if not the central part, of your digital strategy. That’s why it’s crucial FIs don’t neglect website compliance efforts.

An easy way to do that is through a website compliance review.

What exactly is a compliance review and how can it ultimately benefit your institution?

The review is an objective and comprehensive evaluation of your online presence. This includes the content of your website and social media pages, functionality, and compliance with applicable regulations. It should provide unbiased insight to highlight issues that may have been overlooked during site development or updates.

While a comprehensive review should cover a multitude of matters, for today, I want to start with a brief overview of what your FI should expect from a review.

Website Compliance Review Basics

At the most fundamental level, your site needs to have proper FDIC/NCUA, Equal Housing Lender (EHL), and copyright notices. The review should also determine whether your site has a Privacy Policy and, if so, whether it contains the necessary information.

Note: For those FIs that are subject to the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA), privacy requirements have gotten a bit more complicated in the past couple of years!

Your site should also provide Terms of Use and disclaimers for both email hyperlinks and external links. And of course, the review should address any misspelled words or broken links. Is this a compliance issue? No. Is it critically important to your site? Absolutely. Having words that are spelled incorrectly or links that are not functioning will reflect poorly on your site and ultimately the reputation of your FI.

Just covering those basics is already a lot of information that needs to be examined on a site.

More Is More

But for each product or service that you add to your site, there are additional compliance requirements that will need to be met. Simply put, the more language or capabilities you add, the more requirements will need to be addressed.

There are the more obvious requirements, such as Regulation DD-Truth in Savings Act, Regulation Z-Truth in Lending Act, and Regulation B-Equal Credit Opportunity Act. And if your FI has recently made the decision to add online deposit and loan applications to your site, your review will become much more complex.

Compliance factors will have to be addressed for CIP and OFAC, E-Sign Act compliance, Regulation C-HMDA, Regulation X-HUD/RESPA, Regulation E-Electronic Funds Transfer Act, and Regulation CC-Expedited Funds Availability Act.

Also, if your FI provides content regarding Non-Deposit Investment Products or job opportunities, compliance with Bank Insurance Sales Rules and Equal Employment Opportunity guidelines will have to be included in the review.

For any health-related information for health insurance sales or information from children under 13, the Health Insurance Portability and Accountability Act (HIPAA) and Children’s Online Privacy Protection Act (COPPA) standards will come into play. Clearly this is an incredible amount of detail that your FI will be responsible for ensuring compliance with!

Social Media Counts, Too

The final factor in a website compliance review is your FI’s social media pages. Much like your website, your social media pages are avenues for communication with your customer base. Of course, these communications can include product advertisements.

And guess what must happen if your FI advertises on social media? That’s right! Compliance with applicable regulations.

Deposit and loan product ads, including rate advertisements, need to adhere to regulation requirements. If your FI includes posts about job openings, then Equal Employment Opportunity information should be included as well. And ideally, if you post ads for eBanking services, consider providing links to your site or to the Terms and Conditions for these products so users can read more about these services.

A Great Source

As a side note, if you are ever unsure about compliance with regulations involving social media, check out the helpful outline provided in the FFIEC’s 2013 Social Media: Consumer Compliance Risk Management Guidance. This outline includes regulations and examples of when they might apply in social media practices.

One of the most beneficial factors of website compliance reviews is preparedness. A review helps ensure that your site is in its best form for your customers, and it also helps prepare your FI for audits and exams that will include your site.

Having an objective and comprehensive review completed annually helps your FI identify potential compliance issues with your site and social media pages and better positions your FI for a more successful exam or audit.

With your digital channel more relevant than ever, it’s critical to take the time to ensure your website and social media pages receive the same compliance focus as other areas of your business.

