E-BANKING RISK ASSESSMENTS
Internet Banking Security
Manage the risk of your e-banking services with Tandem
As the prevalence of electronic banking continues to grow, so does the associated risk for financial institutions and their customers/members.
Institutions who offer electronic banking services must perform risk assessments, implement effective strategies for mitigating identified risks, and raise awareness of potential risks.
Follow an easy process to create risk assessments for online account types (e.g., commercial and retail).
Questionnaires help you set risk levels and suggested content helps you determine which layered controls mitigate the organization's internet banking and cybersecurity risk.
Download and distribute brochures, documents, and website resources to educate your customers/members about internet banking security techniques and increase their security awareness.
Topics covered include phishing, mobile device protection, reporting suspicious activity, and more.
Account Takeover Resources
Use the account takeover (ATO/CATO) Board Report and Incident Response Checklist template documents to assist in your annual reporting and incident response documentation.
Risk Assessment and Controls Evaluation
Provide a Risk Assessment and Controls Evaluation to your commercial customers to help them perform a simple assessment of their e-banking security practices.
A printable Microsoft Word document is available, as well as an interactive web application. Source code for the interactive web application is provided so you can embed the assessment into your organization's existing website.
Review visual representations of your internet banking risk assessments on each assessment's dashboard.
Evaluate useful insights into your risk assessment data, as well as a series of reports, designed to ensure your assessment does not contain any missing or incomplete data.
Generate consistent and professional documents effortlessly to share with your senior management, board of directors, auditors, and examiners.
Download a summary document to provide a compilation of the data across all of your internet banking risk assessments, or export each individual risk assessment, as needed. These customizable documents are available in Microsoft Word and Adobe PDF formats.
- Create an unlimited number of risk assessments for different account types
- Use risk assessment version tracking to compare risk assessment data over time
- Visualize your risk exposure with charts and graphs
- Document risk management plans for relevant threats
- Track significant changes to your risk assessments through a revision/approval log
- Assign responsibility and various levels of access to an unlimited number of users
- View a report of your account's user activity
- Identify missing and incomplete assessment data with reports
Frequently Asked Questions
Yes. Tandem provides internet banking risk assessment templates with lists of common information security threats. Risk level results for the threats are quickly generated based on a questionnaire. Each threat includes suggested controls, risk levels, and regulatory guidance.
Tandem also provides template documents for account takeover (ATO/CATO) board reporting, an account takeover incident response checklist, and customer education documents.
The Tandem Internet Banking Security Program is based on the FFIEC's Supplement to Authentication in an Internet Banking Environment guidance.
The purpose of the supplement was to reinforce the initial guidance's risk-management framework and update the federal banking agencies' expectations regarding customer authentication, layered security, and other controls in the increasingly hostile online banking environment.
Yes. Tandem Support is available 8:00 AM – 5:00 PM (CT), Monday through Friday to answer your questions about Tandem application features.
For help with the contents of your risk assessments, check out our partners who can provide internet banking risk assessment consulting.
You are also invited to attend our annual KEYS conference to connect with other users and learn from Tandem experts.
Tandem Support is pleased to offer complimentary training webinars twice a month for our customers, and recordings of those training sessions are available on-demand.
A Knowledge Base is available with articles to help you learn about Tandem. You can stay up-to-date on our latest features by subscribing to our Software Update emails.
Personal training is also available by request for an additional fee.
Yes. Tandem maintains high marks through the following testing: SSAE 18 SOC 1 Type 2, CompTIA Security Trustmark+, internal audits and assessments, quarterly penetration tests.
Security controls include:
- Secure data transmission between your browser and your servers
- Data encrypted at rest using AES-256
- User passwords are hashed and salted
- Datacenter protected by firewall and intrusion detection/prevention systems (IDS/IPS)
- Redundant Internet connections
- Multifactor authentication options
- Single Sign On (SSO) integration using SAML 2.0
- IP address restrictions
- User activity log
- User access roles/restrictions
Tandem products are delivered via the Internet as Software as a Service (SaaS) applications. Tandem can be accessed from any device with a modern browser. No software installation or special equipment is required.
New features and updates are included with your annual subscription and automatically available. Each new feature is documented in our Software Updates blog.
Yes. All Tandem products are available under the same secure website.
Internet banking risk assessments are completely integrated with the Tandem Risk Assessment product.
Yes. With a single login you can manage several companies' internet banking security programs (requires a subscription for each company).