operations risk management for natural disasters

With storms and grid overloads, what have you done to ensure you can accept payments regardless of the weather or localized power outages? With “always on” solutions, you can accept payments from any where. It seems a simple assumption, but many operations are not prepared for a short or long term power outage, even after Katrina, Wilma, and other natural disasters.

What are some of the options for an ongoing operation to accept credit card payments?

Virtual Terminal– enter transactions from wherever you are. All you need is an internet connection. In the B2B world, this can be a critical mechanism to collect payments. What if you are a company that actually responds to help others after a disaster? In the hectic aftermath, record keeping is vital, and so is fast collection of payments for work as you mount overtime hours and material costs. With the right virtual terminal you can authorize an estimated amount for a job, and capture the actual funds when you complete the job. Or auth/capture a deposit, and bill the remaining upon completion.

Swipe credit card terminal– What if you can’t run your swipe terminals because the phone lines are down? Again, a virtual terminal saves the day.
– call in the orders to someone who has internet access for virtual terminal (especially if you want good record keeping of the name, address, etc)
– login to a virtual terminal via a wireless card with a laptop
– if you have network internet access, do you have an ethernet connection on your terminal that you can plugin to?

Do natural disasters increase risk of fraud in the aftermath? With CenPOS payment processing platform, the administrator can remotely view the financial condition of each location in real time, payment processing activities at all locations, and shut down or grant new access to staff. With a laptop and a USB terminal, employees can accept swipe credit card transactions from wherever they are, CenPOS will check key anti-fraud factors, and with an optional signature capture terminal, you can further protect the company from chargebacks.

Chargeback protection– In a disaster aftermath record keeping can be a nightmare, but with CenPOS signature capture, your company can readily retrieve signed receipts for years after the original charge and present to the processor to prevent a chargeback.

iStream Financial Services Anticipation of Risk Management Pays off

iStream Financial Services’ Anticipation of Risk Management Related to Remote Deposit Pays Off

January 27, 2009 – Brookfield, Wisconsin – iStream Financial Services, Inc., a financial technology company in the business of managing payments, announced today the company’s systems, policies and practices are on target with the FFIEC’s newly-released guidelines for risk management for Remote Deposit Capture (RDC).

“These new risk management guidelines from the FFIEC are critical guidelines for examiners, business owners, banks and technology providers as many of the solutions out there aren’t as secure as they could be. Based upon our experience in payments, we anticipated and appreciate the need for these controls. That said, we’ve worked hard to ensure the reliability of our systems and procedures surrounding our solutions. The completion of our SAS 70 Type II specific to RDC processes is just one way we have proved our commitment to our customers” said Fred Joachim, President, iStream Financial Services.

“We believe we have the most secure solution on the market. Our RDC process is secure from start to end, beginning with encrypting the images at the point of capture and eliminating the need for the user to store or export sensitive data.”

iStream’s foresight goes back years, not just months. In October of 2006, iStream was asked to present at the FDIC Technology Summit in Washington D.C. regarding “Emerging Issues and Risk Mitigation in the Financial Institution Industry”. The presentation focused on helping auditors and regulators understand the risks related to RDC. iStream continues to be a leader regarding RDC processes and technology.

“You read and see the effect of data breaches almost daily. From credit card information to Social Security Numbers, no person or company ever wants it to happen” states Mike Nell, VP of IT. “Our IT team has over 75 years experience developing solutions which address the inherent risks in payments systems. We were able to leverage that experience to engineer security, integrity, and reliability into our solution from the start.”

iStream’s Remote Deposit Capture service has seen phenomenal growth within the past few years. iStream’s flexible solution enables businesses to leverage multiple banks and is a major differentiator in the marketplace. In today’s economy, iStream provides businesses the controls they need while being able to work with the banking partner of their choice.

The FFIEC guidance, entitled “Risk Management of Remote Deposit Capture,” addresses the essential elements of RDC risk management: identifying, assessing, and mitigating risk, as well as measuring and monitoring residual risk exposure. The guidance also discusses the responsibilities of senior managers in overseeing the development, implementation, and operation of RDC in financial institutions.

iStream developed the first integrated Application Service Provider (ASP) RDC solution that enabled the company to go direct to customers and offer Financial Institutions a superior solution. The essential ingredient for iStream’s success is simplicity: the iStream ASP model takes minutes to set-up; the deposit process is three easy steps; and the user-friendly system moves beyond the deposit to incorporate online reporting, returns management, and is easily integrated to back office applications such as accounts receivable systems.

About iStream Financial Services:
iStream Financial Services’ core mission is to provide businesses and banks solutions to consolidate and manage various payment types. The company leverages its technology platform, knowledge and people to introduce new products that will help business and banks across the country. iStream complies with FDIC security standards and is audited annually. The company has also completed a SAS 70 Type II to validate the end-to-end controls of our Remote Deposit Capture process ensuring the integrity, reliability, and security of our application and systems.


FFIEC Issues Guidance on Risk Management of Remote Deposit Capture

Financial Regulators Release Guidance on Risk Management
of Remote Deposit Capture

The Federal Financial Institutions Examination Council (FFIEC) issued guidance today for examiners, financial institutions, and technology service providers to identify risks, evaluate controls, and assess risk management practices related to remote deposit capture (RDC) systems.

RDC enables customers to make deposits from their homes or businesses instead of taking the deposits to their financial institutions. Digital information captured at the home or business is transmitted to the financial institution or its service provider for clearing and settlement. Financial institutions might also use RDC in their branches and automated teller machines (ATMs) to facilitate deposit processing.

When properly managed, RDC can reduce processing costs, support new and existing products by financial institutions, and accelerate the availability of customers’ funds. However, RDC also introduces new risks and increases existing risks in processing deposits originated by an institution’s commercial or retail customers, or by customers of other financial institutions domestically and abroad.

The guidance, Risk Management of Remote Deposit Capture, addresses the essential elements of RDC risk management: identifying, assessing, and mitigating risk, as well as measuring and monitoring residual risk exposure. The guidance also discusses the responsibilities of senior managers in overseeing the development, implementation, and operation of RDC in their financial institutions. Interagency RDC examination procedures will be published in an updated FFIEC Retail Payment Systems booklet scheduled for release in early 2009.

FFIEC RDC Guidance (PDF)