Home > News & Events > Financial Institution Letters




Inactive Financial Institution Letters

Extension of Daylight Saving Time
Reminder to Banks to Assess Impact of Extended Time Change on Information Systems
FIL-17-2007
February 23, 2007


Summary: The FDIC is alerting financial institutions that, with the extension of Daylight Saving Time (DST) this year, financial institution management should assess the impact of this change on information systems and implement appropriate updates where needed. DST will begin earlier and end later than in previous years. This year, DST will begin the second Sunday in March and end the first Sunday in November.

Highlights:

  • DST in the United States will begin earlier and end later in 2007 than in past years. The Energy Policy Act of 2005 states that beginning in 2007, DST will begin the second Sunday in March and end the first Sunday in November. Previously, DST began the first Sunday in April and ended the last Sunday in October.
  • Many information technology systems (servers, mainframes and other important systems) may be impacted by the DST change. Most DST-related issues can be resolved by downloading the appropriate operating system patch. If computer system impacts are not identified and addressed, time zone settings for the system clock may be incorrect, which could lead to a variety of problems such as automated logging errors, system monitoring difficulties, degraded system performance and/or disruption of services.
  • Financial institutions should contact system vendors to determine whether a related patch is available. Some system clocks may allow for manual adjustments.
  • This reminder identifies potential risks associated with the DST change and provides mitigation recommendations.

Continuation of FIL-17-2007

Distribution:
FDIC-Supervised Banks (Commercial and Savings)

Suggested Routing:
Chief Executive Officer
Chief Information Security Officer

Related Topics:
Guidance on Developing an Information System Patch
Management Program to Address Software
Vulnerabilities (FIL-43-2003, issued May 29, 2003)

Attachment:
None

Contact:
Senior Policy Analyst Jeff Kopchik at
JKopchik@fdic.gov or (202) 898-3872

Printable Format:
FIL-17-2007 - PDF 41k (PDF Help)

Note:
FDIC financial institution letters (FILs) may be accessed from the FDIC's Web site at www.fdic.gov/news/news/financial/2007/index.html.

To receive FILs electronically, please visit http://www.fdic.gov/about/subscriptions/fil.html.

Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center (1-877-275-3342 or 703-562-2200).



Financial Institution Letters
FIL-17-2007
February 23, 2007

Extension of Daylight Saving Time
Reminder to Banks to Assess Impact of Extended Time Change on Information Systems

The FDIC is reminding financial institutions of the potential impact and related risks posed by the upcoming change to Daylight Saving Time (DST), and is providing risk- mitigation strategies. As mandated by the U.S. Energy Policy Act of 2005, DST in the United States will begin the second Sunday in March and end the first Sunday in November. For 2007, those dates are March 11 and November 4, respectively. Previously, the start date for DST in the United States was the first Sunday in April and the ending date was the last Sunday of October.

Risk-Management Considerations

The impact of the DST change may not cause system failures; however, without remediation and preparation, financial institutions could experience automated logging errors, system monitoring difficulties, degraded system performance, or disruption of some services. In addition, malfunctioning systems could result in compliance errors (e.g., incorrect ATM disclosures) and malfunctioning security systems. Examples of other systems that may be affected include those controlling heating, air conditioning, lights, alarms, telephone systems, PDAs (personal digital assistants) and cash vault doors.

Financial institution management should assess the potential impact of the DST change on its hardware and software and plan for appropriate changes. Management should review both date and time stamp processes and the many time-sensitive routines essential to information systems. Management should address this issue in a timely manner by taking appropriate steps, such as those listed below:

  • Review and verify modifications necessary for all important systems and essential processes, including servers, applications and utility systems.
  • Ensure that critical systems will synchronize and function properly by testing or other means.
  • Determine which systems are connected to the USNO Master (Atomic) Clock through a network time protocol (NTP or NTPD) and whether they will synchronize with the master clock at the appropriate moment.
  • Contact third-party service providers to ensure that the bank is protected.
  • Determine whether the bank has systems that require a manual procedure to be performed and whether a follow-up plan is needed.
  • Ensure that systems adjustments will not be duplicated when the date change occurs.
  • Ensure that all employees throughout the bank are alerted to this change.

Financial institution management should develop and follow procedures to ensure the DST change readiness. Examiners should verify that management has taken appropriate steps to address the DST issue.

Sandra L. Thompson
Director
Division of Supervision and Consumer Protection




Last Updated 03/24/2008 communications@fdic.gov