SOCIAL DISTANCE PRICING — We know it's not always possible to train in a group setting right now, so we're offering additional user logins for $25 each. If you need more than 5, contact us to purchase.

Have you completed this webinar? Please tell us what you think.

Course description

Customers who use mobile financial services don't always take precautions to protect their devices, leaving the payment and banking information vulnerable. How does a financial institution protect mobile payments and services when it cannot protect the device the information transmits from. Regulators have concerns about whether institutions are employing strong security protocols. Failure to do so can leave payment and account information vulnerable and expose the institution to significant risk.

A new Appendix E: Mobile Financial Services was introduced into the IT Examination Handbook by the FFIEC in April 2016. The guidance provides standards for financial institutions offering mobile financial services, and standards for assessments. The guidance may require significant changes to your existing security program and internal auditors should be revising their audit scope based on this new guidance. Financial institutions offering mobile financial services should expect their next electronic banking and/or information security audit to include a risk management review of how effectively they measure, mitigate, and monitor the risks involved and ensure appropriate staff are familiar with the technologies that enable mobile financial services.

And that's not all! The guidance also requires enhanced customer education, director and management involvement, and stronger vendor due diligence.

This webinar will evaluate all of the components of the guidance and provide attendees with some practical considerations, examples, and insights. At the conclusion of the course, attendees will have developed a "game plan" for tackling the new guidance.

In this program, we will:

  • Review components of Appendix E
  • Define critical mobile financial services risk management components and terms
  • Identify risks of given situations for common community bank mobile financial services and assign appropriate controls
  • Isolate areas where community banks can expect challenges
  • Outline critical management and board report criteria
  • Record tips to effectively manage third parties who provide services that support a bank's mobile financial service product(s)
  • Discover resources for more information and next steps

Who Should Attend:

  • Electronic banking personnel
  • Information technology personnel
  • Information security personnel
  • Auditors
  • Compliance staff
  • Risk management personnel
  • Executive management
  • Solution providers offering mobile banking / payment products to financial institutions


Rayleen Pirnie

Rayleen is the founder and owner of RP Payments Risk Consulting Services, LLC. based in Missouri. She is a nationally recognized payments risk and fraud expert. Her programs educate financial institutions and businesses on topics ranging from payments fraud to information security. She is the author of several payments risk and fraud blogs geared toward helping organizations recognize threats and protect themselves from loss.Always interested in Risk Management, Rayleen has supported many notable organizations over the years. She is a member of the International Association of Financial Crimes Investigators, supporting their training programs since 1998. She sat on NACHA’s Risk Management Advisory group for two terms, and assisted with FSISAC’s first CAPP exercise. For 16 years Rayleen has spoken at national and regional conferences. Recent events include NACHAs Payments Conference, the American Bankers Association Risk Management Forum, the Security Matters annual conference at Murray State University, the Risk Management Association, and the Federal Reserve Bank of Kansas City Risk Management Conference.

Course curriculum

  • 1


    • Mobile Services Risk Management

  • 2


    • Slides