There are many day to day banking activities which aren’t governed by prescriptive legal requirements but by the terms of the financial institution-customer contract, by customary banking practice and what a competent financial institution would do.

In BFSO Bulletin 58 the Ombudsman discusses the results of bank surveys which he has used to reach conclusions about industry practice and the requisite standard of care and skill of a diligent and prudent financial services provider.

He looks at 3 particular everyday scenarios:

• Mandate for Change of Signing Authority on Accounts: "it would be good industry practice to require both account holders to request or consent to the addition of a third party signatory irrespective of whether the account mandate was for both to sign or either to sign."…"Similarly…it would appear appropriate that both account holders should request or consent to one of the account holders being removed from the account signing authority, or to a transaction which would in effect close the account or remove the whole of the funds in a deposit account from the control of one of the account holders."
• Withdrawal Instructions Presented by a Third Party: "the major banks follow different procedures in circumstances where a passbook and withdrawal voucher are presented to a teller to make a withdrawal by a person who is not the account holder. All are examples of good practice: One bank requires prior arrangements to have been made by the customer with his or her manager, in which the customer authorises the third party to present the withdrawal request. Another bank requires the third party presenting the withdrawal request to produce a signed authority from the account holder, together with proof of identity in accordance with that authority. Another bank again will not process the withdrawal request unless it can contact the account holder to verify his or her instructions."
• Guarantor and Third Party Income in Credit Assessments: "there may be circumstances in which it would be industry practice to take into account a guarantor’s income. However, where a guarantor is not directly and regularly involved in the financial affairs of the debtor, a financial services provider should take extra care before approving an application for finance based on the income of a third party or guarantor.
  We will consider what information was provided to the guarantor regarding the financial position of the debtor and the financial services provider’s reliance upon the guarantor’s income as well to approve the loan. If a guarantor was not in a position to know the financial position of the debtor in its totality, and was not fully informed of the financial services provider’s credit assessment, we may consider that it was imprudent to include the guarantor’s income in the assessment of serviceability. In that event, we may conclude that the financial services provider had engaged in maladministration in granting the credit facility."

Do you know what your organisation’s procedures are in these circumstances ? Are they documented? Is there discretion between branches? Who monitors day to day practice?

The key issues will always be:

• did you comply with the terms of your contract with your member?
• who did you owe a duty to and were you negligent or did you breach that duty?
• have you breached any law?
• have you breached your Code of Practice?
• have you acted fairly and reasonably?

The Reserve Bank has published papers from a recent conference:

• The Unfolding Turmoil: Lessons and Responses of 2007–2008 – PDF 50K
  Ben Cohen and Eli Remolona, Bank for International Settlements

• Financial Innovation: What Have We Learnt? – PDF 89K
  Nigel Jenkinson, Adrian Penalver and Nicholas Vause, Bank of England

• The Subprime Crisis: Causal Distortions and Regulatory Reform – PDF 405K
  Adrian Blundell-Wignall, OECD and Paul Atkinson, Group d’Economie Mondiale de Sciences Po, Paris

• Liquidity, Financial Crises and the Lender of Last Resort – How Much of a Departure is the Sub-prime Crisis? – PDF 88K
  E Philip Davis, Brunel University

• Promoting Liquidity: Why and How? – PDF 275K
  Jonathan Kearns and Philip Lowe, Reserve Bank of Australia

• Recent Developments in Federal Reserve System Liquidity and Reserve Operations – PDF 232K
  Spence Hilton, Federal Reserve Bank of New York

In my reviews of organisations I often find that a lack of physical security is the most likely compliance risk. For example files left on desks, filing cabinet keys left on top of the cabinet and even passwords left on post-its stuck on PC’s represent privacy and AML risks.

A recent US survey (reported in Computerworld) revealed that computer laptops are most often stolen at airports, along with hotels and parked cars.

"Some of the largest and medium-size U.S. airports report close to 637,000 laptops lost each year, according to a Ponemon Institute survey. Laptops are most commonly lost at security checkpoints, according to the survey.

Close to 10,278 laptops are reported lost every week at 36 of the largest U.S. airports, and 65% of those laptops are not reclaimed, the survey said. Around 2,000 laptops are recorded lost at the medium-size airports, and 69% are not reclaimed. The institute conducted field surveys at 106 airports in 46 states and surveyed 864 business travelers….

The U.S. Federal Trade Commission recommends people treat laptops "like cash." Like a wad of money, a laptop in public view, such as in the back seat of a car or at the airport, could attract unwanted attention. The FTC also recommends using tracking devices such as Absolute Software Corp.’s LoJack, which can help track down a stolen laptop by reporting its location once it is connected to the Internet."