IT Compliance Consulting for Foreclosure & Bankruptcy Firms
Recently, Accellis Technology Group was contracted for urgent help from our Foreclosure and Bankruptcy law firm clients to meet regulatory compliance standards coming from various financial institutions around the country. Simply put, banks are cracking down on law firms to secure their IT in order to protect Personally Identifiable Information (PII). Accellis met this challenge and implemented the proper equipment and procedures to ensure that our firms retained their continued relationships with these very important revenue sources.
Here are just 10 regulations that could cost you big:
- If you’re running free-ware antivirus, kiss just about any lender goodbye; if you’re paying for anti-virus it needs to be up to date if/when your firm is audited
- You need a written anti-fraud policy, including procedures that address fraud risk
- Firm cannot engage in business transactions with parties prohibited by OFAC (Office of Foreign Assets Control)
- Your physical office space as well as your computing assets need to be locked and, in some cases, alarmed (your actual office, desk drawers, desktops, file cabinets, etc.)
- All hard drives and removable media need encryption
- You can’t have default vendor passwords, and some lenders require ‘strong-passwords’
- Strict no-use policy regarding peer-to-peer file sharing services (i.e., Limewire, Gnutella, etc.)
- Some financial institutions prohibit web-based backup services, and most if not all require encrypted back up and/or offsite storage
- Some lenders have indicated that they strongly discourage social networking sites
Keep in mind that each financial institution is different and there is no uniform guidebook across all lenders. Firms need to get in front of these problems as early as possible so don’t wait until you’re audited. Ask your lenders for their IT regulations checklists, contact Accellis Technology Group to begin the compliance process now. You don’t want banks to stop sending business because you've violated their compliance regulations.