Appendix B: Laws, Regulations, and Guidance



Resource TitleTypeDate
12 USC 1464 (d) (7): Home Owners' Loan Act (Thrifts)LawN/A
12 USC 1867 (c) (11): Bank Service Company Act (Banks)LawN/A
15 USC 6801: Gramm-Leach-Bliley ActLawN/A
Pub. L. No. 107-56: USA PATRIOT ActLawN/A

Federal Reserve Board

Resource TitleTypeDate
SR 00-4 (SUP): Outsourcing of Information and Transaction ProcessingGuidanceFebruary 2000
SR 00-17 (SPE): Guidance on the Risk Management of Outsourced Technology ServicesGuidanceNovember 30, 2000

Federal Deposit Insurance Corporation

Resource TitleTypeDate
FIL-49-99: Bank Service Company ActGuidanceJune 3, 1999
FIL-50-2001: Bank Technology Bulletin: Technology Outsourcing Information DocumentsGuidanceJune 4, 2001

National Credit Union Administration

Resource TitleTypeDate
NCUA Letter to Credit Unions No. 02-CU-17: E-Commerce Guide for Credit UnionsGuidanceDecember 2002
NCUA Letter to Credit Unions No. 01-CU-20: Due Diligence Over Third Party Service ProvidersGuidanceNovember 2001

Office of the Comptroller of the Currency

Resource TitleTypeDate
OCC Bulletin 2002-16: Bank Use of Foreign-Based Third-Party Service ProvidersGuidanceMay 15, 2002
OCC Bulletin 2001-47: Third-Party Relationships, Risk Management PrinciplesGuidanceNovember 1, 2001

Office of Thrift Supervision

Resource TitleTypeDate
12 CFR Part 570, Appendix B: Interagency Guidelines Establishing Standards for Safeguarding Customer InformationRegulationN/A
CEO Letter 113: Internal ControlsGuidanceJuly 14, 1999
Thrift Activities Handbook: Section 340: Internal ControlGuidanceDecember 2003
Thrift Activities Handbook: Section 341: Technology Risk ControlsGuidanceOctober 1997


Previous Section
Appendix A: Examination Procedures
Next Section
Appendix C: Foreign-Based Third-Party Service Providers