Download presentation
Presentation is loading. Please wait.
1
2013 LBA Bank Counsel Conference
Hancock Holding Company 2013 LBA Bank Counsel Conference Contract Provisions and Considerations for Managing Third Party Risk
2
2013 LBA Bank Counsel Conference
Hancock Holding Company 2013 LBA Bank Counsel Conference New regulatory focus on contract “T’s & C’s”: • definite term • detailed description of services • performance standards, with penalty • compliance warranty, with penalty • record retention and right to audit • insurance • compensation terms • IP ownership issues • default and termination; dispute resolution process • business continuity; force majeure
3
2013 LBA Bank Counsel Conference
Hancock Holding Company 2013 LBA Bank Counsel Conference How to allocate risk contractually: • Indemnification Provisions • Limitation on Liability carve outs • Confidentiality; Subcontractor issues • Consumer Issues
4
2013 LBA Bank Counsel Conference
Hancock Holding Company 2013 LBA Bank Counsel Conference Indemnification Clauses: Breach of Confidentiality IP Infringement Theft and bodily harm Breach of Compliance Warranty Can be mutual; Never one-sided
5
2013 LBA Bank Counsel Conference
Hancock Holding Company 2013 LBA Bank Counsel Conference Limitation on Liability Indirect and consequential damages are allowed in most cases. Carve outs: (1) Breach of confidentiality obligations (2) Breach of compliance warranty (3) Indemnification obligations (4) Insurance obligations
6
2013 LBA Bank Counsel Conference
Hancock Holding Company 2013 LBA Bank Counsel Conference Confidentiality Obligations: Consumer Information 12 CFR 40.3 (n)(1) definition of Nonpublic Personal Information ( NPPI): Personally Identifiable Financial Information (“PIFI”) (a) a consumer provides to a bank to obtain a financial product or service (b) about a consumer resulting from any transaction involving a financial product or service (c) the bank otherwise obtains about a consumer in providing a financial product or service Any list that is derived using PIFI that is not publicly available. Exclusions: 12 CFR 40.3 (o)(ii) (not in connection with a bank or is non-identifiable) 12 CFR 40.3(n)(2) (information is otherwise publicly available or has been disclosed to a third party without an obligation of confidentiality) Bank Proprietary information
7
Hancock Holding Company
2013 LBA Bank Counsel Conference Confidentiality Obligations (cont.) Commercial customer information/state law issues: La. R.S. 6:333 Data Security Program: 501(b) of the Gramm Leach Bliley Act; FFIEC Information Security IT Examination Handbook ensure the confidentiality of such information; protect against anticipated threats; protect against unauthorized access Destruction of Confidential Information: 12 CFR Part 30, Appendix B Chain of Control: Subcontractors and sub-subcontractors: recent audit finding
8
Consumer Issues Hancock Holding Company
2013 LBA Bank Counsel Conference Consumer Issues Federal cites, if applicable: • Unfair, Deceptive and Abusive Acts or Practices (“UDAAP”) • The Dodd–Frank Wall Street Reform and Consumer Protection Act • Fair and Accurate Credit Transactions Act of 2003 • Bank Secrecy Act as amended by the USA PATRIOT Act of 2001 • Regulations administered by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) • Electronic Fund Transfer Act and Regulation E, • Privacy Laws, including the Gramm–Leach–Bliley Act • Mortgage loan related Guidelines of FDIC, CFPB, FHA, FHLMC, FNMA, GNMA, HUD, USDA/RHS, and VA
9
Hancock Holding Company
2013 LBA Bank Counsel Conference Hancock Holding Company Consumer Issues (cont.) Complaint Policy and Procedures: who has the duty to respond? What records will be forwarded to bank? Scripts and Letters: Are these in compliance with applicable law? Monitoring Compliance therewith: Does the contract provide specific compliance obligations to assist with Bank’s on-going monitoring of this vendor? 2013 LBA Bank Counsel Conference
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.