Hi. I apologize but I have been advised by our legal department that I cannot share our policy within this forum. What I can do is share the intro and topic areas that it covers. I took these heading by heading from the 2009 FFIEC RDC Guidance document. Hope this helps!
Purpose
This document establishes the formal risk management policy of Fifth Third Bank (“Fifth Third”) to effectively mitigate, measure and monitor the risks associated with Electronic Deposit Manager based on the guidelines contained in the Federal Reserve document
FFIEC Risk Management of Remote Deposit Capture (RDC) dated 2009.
This policy establishes Fifth Third’s risk tolerance
levels, internal procedures and controls, risk transfer mechanisms where appropriate and
available, and well-designed contracts that meet our risk management needs.
This Policy covers the following items for Electronic Deposit Manager:
Continuous Risk Assessment
- Risk management scope
- Product management oversight
Legal and Compliance Risk Management
- Funds Availability, Returned Items and Disputes
- Bank Secrecy/AML Compliance
- Operational Risk
- Client Document Management
- System Access and Authentication
Risk Mitigation and Controls
- Customer Due Diligence and Suitability
- Customer Contracts, Training, Site Visits,Self Assessments
- Vendor Due Diligence and Suitability
- Business Continuity
- Oversight and Monitoring of Questionable or Fraudulent Activity