Posts by Ed Kountz from July 10, 2008

Ed Kountz | July 10, 2008, 09:11 AM
Fed Seeks Greater Financial Regulatory Powers

In what’s become a regular chorus in recent weeks, Fed Reserve Chairman Ben Bernanke has suggested a formal receivership process for investment banks, and has posed the Fed as the logical choice to regulate systemic risk in the industry. The move, coming on the heels of similar calls from Treasury Secretary Henry Paulson and FDIC chair Sheila Bair, is significant because it would, if enacted, give the Fed and the SEC greater authority over the workings of the capital markets and additional regulatory powers. Aside from the eventual impact of such changes,it's already clear that such moves would introduce significant regulatory change into the space--without, at least at present, a clear path to how that change would be managed or function.

Expect a reiteration of these points later Thursday, when Bernanke and Treasury Secretary Paulson are slated to give testimony on investment bank oversight to the House Financial Services Committee. Bernanke noted that “Fed/ SEC cooperation is taking place within the existing statutory framework, with the objective of addressing the near-term situation. In the longer term, legislation may be needed to provide a more robust framework for the prodential supervision of investment banks and other large securities dealers.” The SEC and the Fed have already worked out a memorandum of understanding (MOU), in which the two agreed to share information and analyses regarding the financial strength of primary dealers, and to “work jointly with the firms to support their continued efforts to strengthen their balance sheets, their liquidity, and their risk-management practices,” according to the transcript of Bernanke’s speech.

LINK

Yet while Bernanke’s calls come on the heels of similar ones by both Paulson and Bair, several issues remain unresolved.
First is clarity around how such a process would work, and what roles would go to what players. In addition, not all relevant agencies have bought into all elements of the concept—the Office of Thrift Supervision, for example, has said that it does not believe it necessary for Congress to legislate a framework for investment bank receivership. And beyond the day-to-day issues facing the Fed within the credit crisis, it’s unclear how the Fed expects a receivership process for investment dealers would work, or what should happen if a firm is deemed to be on the brink.

But perhaps most importantly, beyond the cost and other burdens that a process would entail, time is elapsing in the current legislative session, making it likely that any real action would not come until the start of the next session in 2009. Still, given the number of times the issues’ been raised, expect the issue to received renewed attention once a new Congress and administration are in place.

Ed Kountz | July 10, 2008, 08:00 AM
Gmail’s Security Improvement—Lessons for Banks from the Email World?

Google this week introduced an interesting email security enhancement, which is worth a second look, as financial services firms seek online security elements that go beyond those introduced in response to FFIEC guidelines in 2006.

Since the FFIEC announced that the long-standard UID/ PW combination would no longer be enough to secure sensitive banking transactions in October 2005, leading banks have adopted a variety of options to increase login security. These vary greatly...from the continuing use of SiteKey (and now one-time codes delivered to mobile devices, for opt-in customers) at BofA, to the User ID, PassWord, Virtual Keyboard/ Second Password option in use at HSBC.

But what's been lacking...and what the Google tool cleverly addresses, is essentially a higher level of security control.

The tool allows Gmail users to view when activity last occurred within their Gmail account, and to see if an account is still open in one location when a consumer is in another.

LINK

The tool allows consumers greater control over a higher dimension of online security, enabling remote monitoring (and monitoring from multiple PCs), as well as greater session control. While a small feature, it is worth the review of FS firms, and others seeking to offer consumers greater remote control and auditability of recent activity.

While a significant portion of online consumers report feeling safe accessing their bank account online—as distinct from other online activities, where regular readers know that concerns about data security remain highly prevalent—JR data also show that many consumers say they are not wedded to existing log-in processes, and would make (reasonable) changes if the result is increased online security. Upcoming JR research will consider this issue at more length.