2013 LBA Bank Counsel Conference

Slides:



Advertisements
Similar presentations
Dedicated to Helping Business Achieve Law Office of Bill R. Johnson, PLLC (832) Office (866) Fax.
Advertisements

©2008 Perkins Coie LLP Game Industry Roundtable Privacy Developments for the Game Industry Thomas C. Bell September 24, 2008.
Privacy Laws & Higher Education. Agenda 1.Five Privacy Laws a.FERPA b.HIPAA c.GLB d.FACTA Disposal Rule e.CAN-SPAM 2.Overview of the Laws a.What does.
IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.
© 2004 Property Casualty Insurers Association of America The Alphabet of Federal Legislation Kathleen Jensen Property and Casualty Insurers Association.
FAIR AND ACCURATE CREDIT TRANSACTIONS ACT (FACTA)- RED FLAG RULES University of Washington Red Flag Rules Protecting Against Identity Fraud.
ROUNDTABLE LEADERSHIP Rob Northwood, Senior Compliance Officer, First Mortgage Co. Billy Parsley, Vice President, BancFirst Bruce Schultz, Senior Vice.
The New Rules of F&I with Peter Jones The New Rules of F&I What are the Rules? Red Flag Rule Graham / Leach / Bliley Act Privacy Notice Safeguard Rule.
Identity Theft & Data Security Concerns Are You Meeting Your Obligations to Protect Customer Information? Finance & Administration Roundtable February.
Dodd-Frank Wall Street Reform and Consumer Protection Act.
Anti-Money Laundering and OFAC Compliance for Transfer Agents SSA Annual Conference July 25, 2008.
Consumers Online: Privacy, Security and Identity Professor Margaret Jackson and Marita Shelly Presentation to the RMIT Financial Literacy, Banking & Identity.
Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.
Copyright © 2014 Lender Performance Group, LLC. All rights reserved. Managing risks associated with third-party relationships, in other words Vendor Management.
Guidance for Managing Third-Party Risk Chicago Region Regulatory Conference Call December 8, 2010.
Chapter 7 Federal Regulations and Financial Institutions Related to the Mortgage Market © OnCourse Learning.
Vendor Risk: Effective Management is Essential
West Virginia Bankers Association 2014 Annual Convention Breakout Session: Ask the Experts Panel Panelists: Paul Reynolds David Thomas Christian Gonzalez.
Section 12-2-Regulatory Agencies and Laws.   These agencies make or enforce rules and regulations  Agencies provide oversight or supervision of activities.
Due Diligence - The Regulator’s Perspective ABA Telephone/Webcast Briefing August 14, 2001 Cynthia Bonnette, Assistant Director FDIC Bank Technology Group.
Managing Risk in Cloud Computing Contracts Henry Ward and Todd Taylor April 30, 2015.
REGULATORY LEGAL AND CONTRACTUAL ASPECTS OF PPP IN WATER AJAY RAGHAVAN Counsel Training Workshop, Bhopal, February 2009.
Compliance and Regulation for Mobile Solutions Amanda J. Smith Messick & Lauer, P.C. May 16, 2013.
Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.
WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, :30 am – 12:30 pm.
THE CLOUD Risks and Benefits from the Business, Legal and Technology Perspective September 11, 2013 KEVIN M. LEVY, ESQ. GUNSTER YOAKLEY.
1 Knowledge | Innovation | Technology Overview of Risk Management in University Technology Transfer David N. Allen, Ph.D. Associate Vice President for.
1 Regulator Panel FIRMA 25 th Annual Risk Management Training Conference April 19, 2011.
Part 6 – Special Legal Rights and Relationships Chapter 35 – Privacy Law Prepared by Michael Bozzo, Mohawk College © 2015 McGraw-Hill Ryerson Limited 34-1.
Crucial Clauses in Complex Supply Agreements AIJA Half Year Conference 2015 – Antwerp Moritz Maurer.
© Copyright 2011, Vorys, Sater, Seymour and Pease LLP. All Rights Reserved. Higher standards make better lawyers. ® CISO Executive Network Executive Breakfast.
Dino Tsibouris (614) Vendor Contracts: What You Need and What You May Be Missing.
Moving Forward Beyond the Economic Crisis: Innovative Proposals New Regulatory Policies.
MAINTAINING PRIVACY & DATA SECURITY IN THE VIRTUAL PRACTICE OF LAW.
Advanced Issues in Privacy: Drafting and Negotiating Business Associate Contracts Thomas E. Jeffry, Jr. Partner Davis Wright Tremaine LLP Los Angeles,
MANAGING THIRD-PARTY RISK New York Region Regulatory Conference Call March 3, 2011.
Bryce K. Earl, Esq. and Thomas G. Grace, Esq Presentation To: Association of Corporate Counsel January 26, 2010 ______________________________ Covenants.
Internal Audit Considerations for Cybersecurity Risks Posed by Vendors October th, 2015 Chicago IIA Chapter’s 2 nd Annual IIA Chicago IT Hacking.
1 Instructions to bidders  Eligibility  Procedure for clarifications  Bid preparation - form  Number of copies, addressee  Language  Pricing and.
Yes. You’re in the right room.. Hi! I’m David (Hi David!)
ANATOMY OF A LICENSE AGREEMENT. Licensor, Licensee and Licensed Property Title to the Intellectual Property being licensed Written agreement Licensing.
Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.
Data Security and Privacy Overview and Update Peter Moldave October 28, 2015.
Chapter 4: Laws, Regulations, and Compliance
Protecting your Managed Services Practice: Are you at Risk?
Dino Tsibouris (614) Cloudy with a Chance of Lawyers: Legal issues in Cloud Computing Contracts.
GREENBERG TRAURIG, LLP ATTORNEYS AT LAW ©2010. All rights reserved. LEGAL CONSIDERATIONS FOR ADVISER OUTSOURCING ARRANGEMENTS Contact: Arthur.
The Law Offices of Sheila Deselich Cohen. Generally subject to the Employee Retirement Income Security Act of 1974 (“ERISA”). Two main types of plans:
Contract Review: Practices and Pitfalls Cynthia A. Haines, Esquire Post & Schell, PC LeadingAge PA Annual Conference June 16, 2016.
Mark Kaufmann. Objectives Share and discuss common tips and traps and ways to address Identify strategies for various vendor “ploys” Reality Check Negotiations.
John Robinson Identity Management: Do You Know Who You Are Doing Business With?
The GLBA, the FCRA, the NCUA, and the State: Understanding the Laws Protecting your Members’ Information NASCUS 2016 Cybersecurity Symposium.
Presented by: David Reid, DBA International
Negotiations: Gotchas That Can Getcha
Drafting Key Commercial and Consumer Contract Terms
Federal Agencies and Laws for Consumer Rights
Financial Service Centers of America
Protection of CONSUMER information
E&O Risk Management: Meeting the Challenge of Change
The CFPB’s Legal Minefield for CREDIT UNIONS
PERSONAL DATA PROTECTION ACT 2010
“To Be or Not To Be” A Federal Contractor or a Third Party Servicer
Cyber Trends and Market Update
DATA BREACHES & PRIVACY Christine M
Current Privacy Issues That May Affect Your Credit Union
Presentation To: Association of Corporate Counsel January 26, 2010
UCA Gramm-Leach Bliley Act (GLBA) Safeguards Rule Compliance Training Effective June 12, 2018 Adapted from materials published by the Federal Trade Commission.
Business Associate Contracts: Time Is Running Out . . .
Explain the role of ethics in financial- information management
Presentation transcript:

2013 LBA Bank Counsel Conference Hancock Holding Company 2013 LBA Bank Counsel Conference Contract Provisions and Considerations for Managing Third Party Risk

2013 LBA Bank Counsel Conference Hancock Holding Company 2013 LBA Bank Counsel Conference New regulatory focus on contract “T’s & C’s”: • definite term • detailed description of services • performance standards, with penalty • compliance warranty, with penalty • record retention and right to audit • insurance • compensation terms • IP ownership issues • default and termination; dispute resolution process • business continuity; force majeure

2013 LBA Bank Counsel Conference Hancock Holding Company 2013 LBA Bank Counsel Conference How to allocate risk contractually: • Indemnification Provisions • Limitation on Liability carve outs • Confidentiality; Subcontractor issues • Consumer Issues

2013 LBA Bank Counsel Conference Hancock Holding Company 2013 LBA Bank Counsel Conference Indemnification Clauses: Breach of Confidentiality IP Infringement Theft and bodily harm Breach of Compliance Warranty Can be mutual; Never one-sided

2013 LBA Bank Counsel Conference Hancock Holding Company 2013 LBA Bank Counsel Conference Limitation on Liability Indirect and consequential damages are allowed in most cases. Carve outs: (1) Breach of confidentiality obligations (2) Breach of compliance warranty (3) Indemnification obligations (4) Insurance obligations

2013 LBA Bank Counsel Conference Hancock Holding Company 2013 LBA Bank Counsel Conference Confidentiality Obligations: Consumer Information 12 CFR 40.3 (n)(1) definition of Nonpublic Personal Information ( NPPI): Personally Identifiable Financial Information (“PIFI”) (a) a consumer provides to a bank to obtain a financial product or service (b) about a consumer resulting from any transaction involving a financial product or service (c) the bank otherwise obtains about a consumer in providing a financial product or service Any list that is derived using PIFI that is not publicly available. Exclusions: 12 CFR 40.3 (o)(ii) (not in connection with a bank or is non-identifiable) 12 CFR 40.3(n)(2) (information is otherwise publicly available or has been disclosed to a third party without an obligation of confidentiality) Bank Proprietary information

Hancock Holding Company 2013 LBA Bank Counsel Conference Confidentiality Obligations (cont.) Commercial customer information/state law issues: La. R.S. 6:333 Data Security Program: 501(b) of the Gramm Leach Bliley Act; FFIEC Information Security IT Examination Handbook ensure the confidentiality of such information; protect against anticipated threats; protect against unauthorized access Destruction of Confidential Information: 12 CFR Part 30, Appendix B Chain of Control: Subcontractors and sub-subcontractors: recent audit finding

Consumer Issues Hancock Holding Company 2013 LBA Bank Counsel Conference Consumer Issues Federal cites, if applicable: • Unfair, Deceptive and Abusive Acts or Practices (“UDAAP”) • The Dodd–Frank Wall Street Reform and Consumer Protection Act • Fair and Accurate Credit Transactions Act of 2003 • Bank Secrecy Act as amended by the USA PATRIOT Act of 2001 • Regulations administered by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) • Electronic Fund Transfer Act and Regulation E, • Privacy Laws, including the Gramm–Leach–Bliley Act • Mortgage loan related Guidelines of FDIC, CFPB, FHA, FHLMC, FNMA, GNMA, HUD, USDA/RHS, and VA

Hancock Holding Company 2013 LBA Bank Counsel Conference Hancock Holding Company Consumer Issues (cont.) Complaint Policy and Procedures: who has the duty to respond? What records will be forwarded to bank? Scripts and Letters: Are these in compliance with applicable law? Monitoring Compliance therewith: Does the contract provide specific compliance obligations to assist with Bank’s on-going monitoring of this vendor? 2013 LBA Bank Counsel Conference