Stay Informed

Keep yourself informed of current auditor & examiner trends & the latest FFIEC updates. Free compliance tools, news, & updates from the Guru. Sign up below!

Compliance Guru

From the Field

Enlightenment from recent audits, examinations and customer questions

Guru Briefs – OCC on Cybersecurity & MRA’s, FFIEC on Cybersecurity Assessments

(NOTE:  Guru Briefs are short takes on recently released regulatory activity. They are not a
Read the rest of the article


Ask the Guru: The Vendor Report of Examination (ROE)

Hey Guru,

Where in the handbook does it state the Bank should request exam reports

Read the rest of the article


Say What You Do…But Do What You Say

Feedback from recent regulatory examinations indicates a potentially troublesome trend; regulators are actually reading your …
Read the rest of the article


Hot Topics

The Guru reflects on recent events

Vendor Management in 3 Parts. Part 2 – Risk Assessment (or, “will they or won’t they?”)

In Part 1 I said that vendor management, just as any other risk management endeavor, …
Read the rest of the article


Vendor Management in 3 Parts. Part 1 – Risk Identification (or, “do they or don’t they?”)

Service provider oversight (aka vendor management) is undoubtedly the hottest hot-button item on the regulator’s …
Read the rest of the article


Cybersecurity – Part 2

In Part 1 I discussed the increasing regulatory focus on cybersecurity, and what to expect …
Read the rest of the article


About the Compliance Guru

Tom Hinkel has over twenty years experience in IT regulatory compliance, risk management and information security both inside banks and as a consultant for institutions of all sizes, Hinkel also serves as a regulatory compliance resource and certified educator for Safe Systems' bank and credit union clients.

Safe Systems Compliance Services