Home > News & Events > Financial Institution Letters
Financial Institution Letters
Guidance on Instant Messaging
The Federal Deposit Insurance Corporation (FDIC) has prepared the attached guidance to assist financial institutions in protecting themselves against the vulnerabilities of instant messaging (IM) and establishing policies and procedures concerning its usage.
Instant messaging has become a popular communication channel because it facilitates real-time communication from any computer connected to the Internet by either connecting to a Web browser or by downloading free IM software. Newer versions also permit users to share files in addition to messaging. IM technology is used by financial institution employees at the workplace both officially, as approved by senior management, and unofficially, where users access IM directly from the Internet. IM access may expose financial institutions to security, privacy, and legal liability risks. Institutions should assess the risks and the business needs for IM and establish policies to allow, restrict or deny IM usage based on these risk assessments and business needs.
Customer information security guidelines require that periodic risk assessments and status reports be submitted to the board of directors. These periodic assessments and reports should include the institutions position on IM. Any control weaknesses should be identified and addressed during the normal course of business.
For more information, please contact your FDIC Division of Supervision and Consumer Protection (DSC) Regional Office or Kathryn M. Weatherby, Examination Specialist in DSC, at (202)-898-6793.
For your reference, FDIC Financial Institution Letters may be accessed from the FDICs Web site at http://www.fdic.gov/news/news/financial/2004/index.html
# # #
Distribution: FDIC-Supervised Banks (Commercial and Savings)
NOTE: Paper copies of FDIC financial institution letters may be obtained through the FDICs Public Information Center, 801 17th Street, NW, Room 100, Washington, DC 20434 (1-877-275-3342 or (703) 562-2200).
|Last Updated firstname.lastname@example.org|