Deck 13: Regulatory Compliance for Financial Institutions
1
Which of the following agencies regulates financial institutions not covered by other agencies?
A) Federal Trade Commission (FTC)
B) Commodity Futures Trading Commission (CFTC)
C) National Credit Union Administration (NCUA)
D) Federal Deposit Insurance Corporation (FDIC)
Federal Trade Commission (FTC)
2
Which of the following agencies regulates state-chartered banks?
A) Federal Trade Commission (FTC)
B) Commodity Futures Trading Commission (CFTC)
C) National Credit Union Administration (NCUA)
D) Federal Deposit Insurance Corporation (FDIC)
Federal Deposit Insurance Corporation (FDIC)
3
The Federal Reserve Board is responsible for regulating which of the following?
A) Bank holding companies and member banks of the Federal Reserve System
B) National banks, federal savings associations, and federal branches of foreign banks
C) Federally chartered credit unions
D) State-chartered banks
Bank holding companies and member banks of the Federal Reserve System
4
Which of the following statements best describes operational risk?
A) The risk arising from adverse business decisions
B) The risk arising from negative public opinion
C) The risk arising from problems with service or product delivery
D) The risk of loss resulting from inadequate or failed internal processes, people, or systems
5
Which of the following statements best describes reputational risk?
A) The risk arising from adverse business decisions
B) The risk arising from negative public opinion
C) The risk arising from problems with service or product delivery
D) The risk of loss resulting from inadequate or failed internal processes, people, or systems
6
Which of the following best describes an assessment?
A) Evidence-based examination that compares current practices against specific internal or external criteria
B) A focused privileged inspection to determine condition, locate weaknesses or vulnerabilities, and identify corrective actions
C) Testing controls by performing vulnerability assessment tests that simulate real attacks
D) Configuring the System and Security logs on each system to record and audit activities
7
Which of the following testing methodologies measures how well controls and safeguards work by subjecting the system to an attack?
A) Assessment
B) Audit
C) Assurance
D) All of the above
8
Which of the following is an evidence-based examination that compares current practices against internal or external criteria?
A) Appraisal
B) Audit
C) Assurance
D) Assessment
9
What is the FTC implementation of the GLBA?
A) Interagency guidelines
B) Guidelines for Safeguarding Member Information
C) Safeguards Act
D) Banks Holding Company Act
10
What is the term used to describe names, addresses, and phone numbers when linked to bank and credit card account information?
A) Private information
B) Nonpublic personal information
C) Nonpublic private information
D) Personal information
11
Which of the following threats must financial institutions address?
A) Denial of service
B) Unauthorized access
C) Malware
D) All of the above
12
Which of the following is not considered NPPI?
A) Social Security number
B) Customer account number
C) Credit card account number
D) Credit history
13
According to the Interagency Guidelines, who must approve the bank's written information security program?
A) Chief Executive Officer
B) Chief Security Officer
C) Board of Directors
D) Information owner
14
Which of the following, also known as social engineering, is a methodology by which an individual impersonates someone else to extract sensitive information from them?
A) Pretexting
B) System infiltration
C) Corporate identity theft
D) Denial of service
15
Which of the following gives federal financial regulators statutory authority to regulate and examine the services a technology service provider (TSP) performs for FDIC-insured financial institutions?
A) FDIC
B) FFIEC
C) NIST
D) BSCA
16
Which of the following statements best describes strategic risk?
A) The risk arising from adverse business decisions
B) The risk arising from negative public opinion
C) The risk arising from problems with service or product delivery
D) The risk of loss resulting from inadequate or failed internal processes, people, or systems
17
Which of the following is used by regulatory agencies to uniformly assess financial institutions based on a rating scale of 1 to 5, with 1 representing the best rating and least degree of concern, and 5 representing the worst rating and highest degree of concern?
A) NY DFS
B) URSIT
C) BSCA
D) GLBA
18
Which of the following is an interagency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions?
A) NCUA
B) FRB
C) FDIC
D) FFIEC
19
Which key part of the NY DFS Cybersecurity Regulation covers training and monitoring?
A) Section 500.06
B) Section 500.12
C) Section 500.14
D) Section 500.17
20
Which of the following refers to the risk arising from problems with service or product delivery?
A) Operational risk
B) Transactional risk
C) Strategic risk
D) Compliance risk

