The Bank for International Settlements has published a new guide (PDF) for bankers in managing the risks associated with electronic banking activities.
Based on these conclusions, the Committee considers that while existing risk management principles remain applicable to e-banking activities, such principles must be tailored, adapted and, in some cases, expanded to address the specific risk management challenges created by the characteristics of e-banking activities.
To this end, the Committee believes that it is incumbent upon the Boards of Directors and banks’ senior management to take steps to ensure that their institutions have reviewed and modified where necessary their existing risk management policies and processes to cover their current or planned e-banking activities.
The Committee also believes that the integration of e-banking applications with legacy systems implies an integrated risk management approach for all banking activities of a banking institution.
Interesting. I’m trying to recall approximately when the first online banking activities began in the United States. Prior to the Internet, there were proprietary dial-up based packages offered by several of the major banks. After Netscape launched its browser and server products, banks like Wells Fargo launched their online banking services. Seems like that must have been in the ’96-’97 timeframe, about six years ago. Regulators eventually catch up with technology’s evolution — this BIS recommendation to board members and senior bank management being an excellent example.