Financial Crime World

Guidelines for Electronic Banking Operations

=====================================================

Central Bank of The Bahamas - Bank Supervision Department

June 6, 2006

This guide provides guidelines for licensees (banks) regarding electronic banking (e-banking), focusing on security, risk management, customer education, and cross-border transactions.

I. Security of E-Banking Systems

Licensees should have proper controls in place to manage legal and reputation risks associated with e-banking systems. These controls may include:

  • Proper terms and conditions: clear and concise documentation outlining the e-banking services offered, including any applicable fees or charges.
  • Appropriate disclosures and disclaimers: transparent and easily accessible information on websites or relevant documents regarding e-banking services, including potential risks and limitations.
  • Insurance coverage: consideration of insurance coverage to address residual legal risks associated with e-banking operations.

II. Customer Security and Education

Licensees should provide easy-to-understand advice to customers on e-banking security precautions, including:

  • Password and user ID selection and protection: guidance on creating strong passwords and protecting personal user IDs.
  • Personal information disclosure: warnings against disclosing sensitive personal information to unauthorized persons or suspicious websites.
  • Public computer usage: caution against accessing e-banking services through public or shared computers.

III. Cross-Border Electronic Banking Activities

Before engaging in cross-border e-banking transactions, licensees should ensure that adequate information is disclosed on their websites to allow potential customers to make an informed decision about the licensee’s identity, home country, and regulatory status.

IV. Types of Internet Financial Services

The document classifies e-banking services into three categories based on risk level:

1. Information Service (Low Risk)

  • One-way communication providing information or advertisements.
  • No customer interaction required.

2. Interactive Information Exchange Service (Moderate Risk)

  • Customers can interact with the bank, make inquiries, and complete application forms.
  • Some degree of customer control over interactions.

3. Transactional Service (High Risk)

  • Customers can execute online transactions such as fund transfers, bill payments, and other financial transactions.
  • High level of customer control over transactions.

Overall, this guide emphasizes the importance of security, risk management, and customer education in e-banking operations, particularly for licensees providing transactional services.