Banking & Lending

Regulations, frameworks and best practices for daily GRC workflow.

Get your content suite now

Contact us now for a no obligation review of how content suites can accelerate your ACL experience

Tools designed for banks & credit unions.

ACL’s content helps increase the value you bring to your organization by providing a lens on emerging risk while staying on top of the latest regulatory requirements. It’s a platform for you to intelligently manage and execute on your strategic agenda. No matter if you’re a bank or credit union, we’ve curated content toolkits to facilitate cross-collaboration between your three lines of defense. In no time, they’ll be speaking one common language and using a common taxonomy.

Included in the Content For Banking & Lending

Browse by toolkit

A toolkit is a curated set of tools aimed at addressing one area of risk or compliance.

For example, a toolkit might include a set of data analytics, a risk control framework, and a best practices program.

AML/ATF Compliance Toolkit

While you have a program to detect and manage SARs and CTRs, how effective is it? Provide assurance over your AML/ATF compliance program.

  • Anti-money Laundering (AML) detection in banking is a critical activity that can span a series of fraud schemes and fraudulent activity from bank employees and customers alike. Since banking is a highly regulated industry, there are a multitude of external compliance requirements that banks must adhere to in the combat against fraudulent and criminal AML activity. ACL is here to help! To get you running we've got some great analytic scripts on auditing various controls throughout the banking process. Get started today!
  • Anti-money Laundering (AML) detection in banking is a critical activity that can span a series of fraud schemes and fraudulent activity from bank employees and customers alike. Since banking is a highly regulated industry, there are a multitude of external compliance requirements that banks must adhere to in the combat against fraudulent and criminal AML activity. ACL is here to help! To get you running we've got some great scripts to help import and prepare your data prior to auditing various controls throughout the banking process. Get started today
  • Last updated October 31, 2017

    The Bank Secrecy Act (BSA) is legislation that requires U.S. financial institutions to collaborate with the U.S. government in cases of suspected fraud or money laundering. It requires financial institutions to maintain records of transactions and file reports of suspicious activity.

    U.S. Department of Treasury - Office of the Comptroller of the Currency (OCC): Bank Secrecy Act (BSA). As a work of the U.S. government, this product is not subject to copyright protection.

    Federal Financial Institutions Examination Council (FFIEC) 2014: Board of Governors of the Federal Reserve System, Consumer Financial Protection Bureau, Federal Deposit Insurance Corporation, National Credit Union Administration, Office of the Comptroller of the Currency, State Liaison Committee. As a work of the U.S. government, this product is not subject to copyright protection.

    Note: Use of the FFIEC data labels does not constitute an endorsement, recommendation, or favoring by the U.S. government or the FFIEC, nor has the FFIEC partnered with ACL Services Ltd. on this publication.
  • Last updated November 23, 2017

    The Bank Secrecy Act (BSA) is legislation that requires U.S. financial institutions to collaborate with the U.S. government in cases of suspected fraud or money laundering. It requires financial institutions to maintain records of transactions and file reports of suspicious activity.

    U.S. Department of Treasury - Office of the Comptroller of the Currency (OCC): Bank Secrecy Act (BSA). As a work of the U.S. government, this product is not subject to copyright protection.

    Federal Financial Institutions Examination Council (FFIEC) 2014: Board of Governors of the Federal Reserve System, Consumer Financial Protection Bureau, Federal Deposit Insurance Corporation, National Credit Union Administration, Office of the Comptroller of the Currency, State Liaison Committee. As a work of the U.S. government, this product is not subject to copyright protection.

    Note: Use of the FFIEC data labels does not constitute an endorsement, recommendation, or favoring by the U.S. government or the FFIEC, nor has the FFIEC partnered with ACL Services Ltd. on this publication.

EFT Risk Toolkit

Ensure that the millions of payments passing through your organization are occurring smoothly and easily each day. ACL is arming you with the tools to manage electronic funds transfer (EFT) risk.

  • Automated Clearing House (ACH) monitoring in banking is a critical activity that can span a series of fraud schemes and fraudulent activity from bank employees and customers alike. Since banking is a highly regulated industry, there are a multitude of external compliance requirements that banks must adhere to in the combat against ACH fraudulent and criminal activity. ACL is here to help! To get you running we've got some great scripts on auditing various controls throughout the banking process. Get started today!

Banking Op Risk Toolkit

Financial institutions are facing an ever-expanding landscape of compliance expectations, and operational and compliance risks have become more complex and intertwined. In this toolkit we offer you the necessary tools for managing your banking operational risk, from benchmarking to metrics and assessments.

  • The Financial Services - Banks and Lending Enterprise Risks are used by company's within the banking vertical to identify top risks that may affect their organization. These banking and lending enterprise risks were taken from 10-K reports from top banking companies within the S&P 500 Financial Index. As a required submission to the SEC, 10-K reports are publicly available online.

Banking Consumer Risk Toolkit

Compliance expectations are higher than ever before, so how do you ensure that your team is armed with the tools to avoid conducting unfair, misleading, and discriminatory practices? Get the assurance you need for consumer protection.

  • Last updated October 31, 2017

    Unfair, deceptive, or abusive acts and practices (UDAAPs) can cause significant financial injury to consumers, erode consumer confidence, and undermine the financial marketplace. It is unlawful for any provider of consumer financial products or services or a service provider to engage in any unfair, deceptive or abusive act or practice. The CFPB has enforcement authority to prevent unfair, deceptive, or abusive acts or practices in connection with any consumer financial product or service, and has supervisory authority for detecting and assessing risks to consumers and to markets for consumer financial products and services. Consumer Financial Protection Bureau (CFPB) Supervision and Examination Manual (2017) - Unfair, Deceptive or Abusive Acts or Practices (UDAAPs), October 2012.
  • Last updated October 31, 2017

    The Fair Credit Reporting Act (FCRA) is United States federal legislation that promotes accuracy, fairness and privacy for data used by consumer reporting agencies. Consumer reporting agencies include credit bureaus and financial agencies -- such as those that sell information about rental history records. In 2010, the Consumer Financial Protection Bureau (CFPB) was granted rule-making authority under FCRA. On December 21, 2011, the CFPB restated FCRA regulations under its authority at 12 CFR Part 1022, also known as CFPB Fair Credit Reporting – Regulation V. Consumer Financial Protection Bureau (CFPB). U.S. Government Publishing Office (GPO) Electronic Code of Federal Regulations (eCFR).
  • Last updated October 31, 2017

    The Gramm-Leach-Bliley Act (GLBA) governs the treatment of nonpublic personal information about consumers by financial institutions. In 2000, the Board of Governors of the Federal Reserve System (Board), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the former Office of Thrift Supervision (OTS), published regulations implementing provisions of GLBA governing the treatment of nonpublic personal information about consumers by financial institutions. The Consumer Financial Protection Bureau (CFPB) was granted rule-making authority for most provision of GLBA, as well as examination and enforcement authority with respect to financial institutions and other entities subject to the CFPB's jurisdiction. On December 2011, the CFPB recodified the GLBA regulations under its authority at 12 CFR Part 1016, also known as CFPB Privacy of Consumer Financial Information – Regulation P. Consumer Financial Protection Bureau (CFPB). U.S. Government Publishing Office (GPO) Electronic Code of Federal Regulations (eCFR).

FDIC Compliance Toolkit

Do you have the right systems in place to be prepared for the next Federal Deposit Insurance Corporation (FDIC) examination? ACL's curated selection of tools will help you to gain the assurance and oversight you need.

  • Last updated November 17, 2017

    The Equal Credit Opportunity Act (ECOA) prohibits discrimination in any aspect of a credit transaction. It applies to any extension of credit, including extensions of credit to small businesses, corporations, partnerships, and trusts. The Consumer Financial Protection Bureau’s (CFPB) Regulation B, found at 12 CFR Part 1002, implements ECOA. Regulation B describes lending acts and practices that are specifically prohibited, permitted, or required.
  • Last updated November 17, 2017

    The Gramm-Leach-Bliley Act (GLBA) governs the treatment of non-public personal information about consumers by financial institutions, and establishes rules governing duties of a financial institution to provide particular notices and limitations on its disclosure of nonpublic personal information. The Consumer Financial Protection Bureau’s (CFPB) Regulation P, found at 12 CFR Part 1016, implements GLBA.
  • Last updated November 17, 2017

    The Home Mortgage Disclosure Act (HMDA) requires lenders to report the ethnicity, race, gender, and gross income of mortgage applicants and borrowers to help show whether financial institutions are serving the housing credit needs of the neighborhoods and communities in which they are located, and to assist in identifying possible discriminatory lending patterns and enforcing anti-discrimination statutes. The Consumer Financial Protection Bureau’s (CFPB) Regulation C, found at 12 CFR Part 1003, implements HMDA.
  • Last updated December 1, 2017

    The FDIC's Trust Examination Manual is designed to assist regulators in planning and conducting regulatory examinations of trust departments. The manual serves as a comprehensive reference on trust concepts, principles, common and statutory law - both State and Federal - and regulations along with the applicable regulations that together govern the behavior of fiduciaries.

    Federal Deposit Insurance Corporation (FDIC) 2016. As a work of the U.S. government, this product is not subject to copyright protection.

    Note: Use of the FDIC data labels does not constitute an endorsement, recommendation, or favoring by the U.S. government or the FDIC, nor has the FDIC partnered with ACL Services Ltd. on this publication.

Banking IT Risk Toolkit

Cybersecurity, privacy, confidentiality, ITGC, vendor oversight... sigh. Get a handle on your framework, controls, and policies through our ready-built tools for IT standards and frameworks.

  • Last updated October 31, 2017

    The InTREx Program is an enhanced, risk-based approach for conducting IT examinations. The Program helps to ensure that financial institution management promptly identifies and effectively addresses IT and cybersecurity risks.

    Federal Deposit Insurance Corporation (FDIC) 2016. As a work of the U.S. government, this product is not subject to copyright protection.

    Note: Use of the FDIC data labels does not constitute an endorsement, recommendation, or favoring by the U.S. government or the FDIC, nor has the FDIC partnered with ACL Services Ltd. on this publication.
  • Last updated November 2, 2017

    The InTREx Program is an enhanced, risk-based approach for conducting IT examinations. The Program helps to ensure that financial institution management promptly identifies and effectively addresses IT and cybersecurity risks.

    Federal Deposit Insurance Corporation (FDIC) 2016. As a work of the U.S. government, this product is not subject to copyright protection.

    Note: Use of the FDIC data labels does not constitute an endorsement, recommendation, or favoring by the U.S. government or the FDIC, nor has the FDIC partnered with ACL Services Ltd. on this publication.
  • Last updated October 31, 2017

    This “Information Security” booklet is an integral part of the Federal Financial Institutions Examination Council (FFIEC) Information Technology Examination Handbook (IT Handbook) and should be read in conjunction with the other booklets in the IT Handbook. This booklet provides guidance to examiners and addresses factors necessary to assess the level of security risks to a financial institution’s information systems. It also helps examiners evaluate the adequacy of the information security program’s integration into overall risk management.

    Federal Financial Institutions Examination Council (FFIEC) 2014: Board of Governors of the Federal Reserve System, Consumer Financial Protection Bureau, Federal Deposit Insurance Corporation, National Credit Union Administration, Office of the Comptroller of the Currency, State Liaison Committee. As a work of the U.S. government, this product is not subject to copyright protection.

    Note: Use of the FFIEC data labels does not constitute an endorsement, recommendation, or favoring by the U.S. government or the FFIEC, nor has the FFIEC partnered with ACL Services Ltd. on this publication.
  • Last updated October 31, 2017

    This booklet is one in a series that comprise the Federal Financial Institutions Examination Council (FFIEC) Information Technology Handbook (IT Handbook). It provides guidance to examiners and financial institutions on risk management processes that promote sound and controlled operation of technology environments.

    Federal Financial Institutions Examination Council (FFIEC) 2014: Board of Governors of the Federal Reserve System, Consumer Financial Protection Bureau, Federal Deposit Insurance Corporation, National Credit Union Administration, Office of the Comptroller of the Currency, State Liaison Committee. As a work of the U.S. government, this product is not subject to copyright protection.

    Note: Use of the FFIEC data labels does not constitute an endorsement, recommendation, or favoring by the U.S. government or the FFIEC, nor has the FFIEC partnered with ACL Services Ltd. on this publication.
  • Last updated October 31, 2017

    The New York State Department of Financial Services (DFS) implemented this Cybersecurity regulation to promote the protection of customer information as well as the information technology systems of regulated entities. The regulation requires banks, insurance companies, and other financial services institutions regulated by the Department of Financial Services to establish and maintain a cybersecurity program designed to protect consumers’ private data and ensure the safety and soundness of New York’s financial services industry.

    New York State Department of Financial Services (DFS). This regulation is available for download at http://www.dfs.ny.gov/legal/regulations/adoptions/dfsrf500txt.pdf.

Not what you were looking for? Explore more content suites

Governments & Higher Education

  • Grants Management Toolkit
  • OMB A-123 Toolkit
  • Government IT Compliance Toolkit
  • And more

Financial Control Monitoring

  • Accounts Payable Toolkit
  • Vendor Management Toolkit
  • Human Resources Management Toolkit
  • And more

IT Governance

  • General IT Compliance Toolkit
  • NIST Toolkit
  • ISO 2700X Toolkit
  • And more

Subscription Value

  • GRC Subscription Value Toolkit
  • Analytics Subscription Value Toolkit
  • And more