*** September Project Update *** After a busy summer season of meetings and project development, a number of FSTC projects are poised to launch, as well as a strong pipeline in development. Our Standing Committees (SCOMs), especially those in Business Continuity, Security, and Check Imaging and Truncation, continue to broaden their participation, and build upon a foundation of dialog and action that leads to FSTC projects. In the past few weeks, we issued two new calls for participation: e-Authentication Proof-of-Concept, and Business Continuity Compliance and Status Reporting. See http://fstc.org/projects/new.cfm . In addition, we have recently completed projects in Image Quality and Usability Assurance Phase I, Technology Recovery Best Practices, and Survivability of Check Security Features. Details on these recent projects can be found at: http://fstc.org/projects/past.cfm . FSTC provides an action-oriented, collaborative forum for our members to address shared business opportunities and challenges through technology projects and knowledge-sharing. We view our projects as our core activity, and one of the key benefits of FSTC membership is eligibility to participate in these projects. In our efforts to keep our members and friends up-to-date on the latest developments in these active and developing initiatives, we provide our colleagues this periodic project update As always, please contact me or Zach Tumin, FSTC Executive Director, for more information. Or visit our website at http://fstc.org. Active Projects: 1. Counter-Phishing Phase I Projects in Formation: 1. e-Authentication: Business and Technology Proof-of-Concept (call for participation issued 9/8) 2. Business Continuity: Compliance and Status Reporting (call for participation issued 9/8) Projects in Development: 1. Image Quality and Usability Assurance Phase II 2. Survivability of Check Security Features Phase II 3. Treasury Services Integration: Data Exchange and Customer Connectivity through Web Services 4. Transformation to Open Mission Critical Systems 5. Minimum Essential Finance (MEF) ______________ ACTIVE PROJECTS: 1. Counter-Phishing Phase I (launched July 2004, expected to complete in December) http://fstc.org/projects/counter-phishing-phase-1/ FSTC has launched a phased initiative to address the problem of phishing and related threats in financial services, as it affects the relationship between customer and firm. In collaboration with other industry groups, FSTC will focus on defining the unique technical and operating requirements of financial institutions (FIs) for counter-phishing measures; investigating counter-phishing technical solutions, proving and piloting solution sets enabled by technology to determine their fit against FI criteria and requirements; and clarifying the infrastructure fit, requirements, and impact of these technologies when deployed in concert with customer education, enforcement, and other industry initiatives. The benefits to participants are: industry-vetted due diligence and scaling of the current problem and its future evolution; insight into peer institution strategies and assessments; and definition of an industry response that may be best undertaken with collaboration between key industry segments. 12 financial institutions and over 15 technology companies are participating in the 5-month first phase. This project originates from the Security SCOM: co-chaired by Mike McCormick of Wells Fargo, and Mike Versace of NEC. Please contact FSTC Managing Executive Gene Neyer for more information (gene.neyer@fstc.org). (http://fstc.org/advisory/security.cfm) ______________ PROJECTS IN FORMATION: 1. e-Authentication: Business and Technology Proof-of-Concept (call for participation issued 9/8/04) http://fstc.org/projects/new.cfm#eauth This 5-month project will assess the viability of the potential business opportunity that exists for financial institutions to leverage their online customer relationships and provide an authentication service to government agencies, and to integrate these services into financial institutions' online applications. FSTC, jointly with the GSA's E-Authentication Initiative Project Management Office (EAI PMO), propose to launch a three-track project to ascertain the business model, legal framework, and technical viability of using institutions' identity credentials to permit consumers and businesses to access secure online government applications. The GSA is funding the business track of the initiative. There is no cost to financial institutions, and a $5,000 fee for associate and advisory members. In addition, a resource commitment is required for all participants, as outlined in the prospectus. Participation commitments are requested by Sept 24th, and the target kickoff is the week of October 4th. ______________ 2. Business Continuity: Compliance and Status Reporting (call for participation issued 9/8/04) http://fstc.org/projects/new.cfm#compliance The FSTC Business Continuity Standing Committee proposes an initiative to assist the financial industry in coming to a common understanding on the meaning of continuity regulation, prioritization of compliance related activities, and creating efficiencies in documenting regulatory compliance status. To establish a clear understanding of the regulatory environment, a list of continuity related guidance will be pulled together along with the name of the agency responsible. Each regulation will be reviewed and a clearly worded summary of the continuity requirements will be developed. Where possible the regulatory agencies will be contacted for clarification on specific points. Common themes and requirements will be documented and prioritized.
From the continuity regulation summary, a questionnaire will be developed which will allow a FI to provide or collect continuity compliance status. The project will focus on providing straight forward interpretations of what is needed for an FI to comply with current regulations.
This project is sponsored by the Business Continuity SCOM, co-chaired by Tom Hirsch of US Bank, and Damian Walch of IBM. Please contact FSTC Managing Executive Charles Wallen for more information (charles.wallen@fstc.org). ______________ PROJECTS IN DEVELOPMENT: 1. Image Quality and Usability Assurance: Phase II (proposal being finalized) http://fstc.org/projects/new.cfm#iqa2 In Phase I, more than 20 companies, representing 2/3 of US check volume, most major vendors, and key industry associations, undertook a 90-day effort to assess the impact of poor quality check images, and defined 16 technical metrics and 4 usability levels that can be used to measure image quality and usability in a standard and interoperable way. The findings of the Phase I project team justified further development, to test these metrics in a real-world scenario, on millions of images, to determine the quantitative thresholds for the 16 metrics that will define a minimum baseline "standard" for acceptable quality images for the industry. The business objectives are to maximize efficiencies, cost savings, and ensure strong adoption of image exchange. The project will undertake a robust, "real-world" analysis and test to provide actionable specifications and direction to the industry to allow financial institutions, technology vendors, standards organizations, and other key partners to collectively implement baseline image quality and usability through industry collaboration under the FSTC umbrella. This project originates from the Check Truncation SIG (http://fstc.org/advisory/check-truncation.cfm), co-chaired by Katrina Brown, Wells Fargo; Glen Ulrich, US Bank; and Ian Goodall, NCR. A call for participation is expected during the month of September. ______________ 2. Survivability of Check Security Features Phase II As a follow-on to the recently completed Phase I (http://fstc.org/projects/csf/), this initiative will seek to develop interoperability specifications for automated security feature verification engines. As a growing number of vendors offer security features targeted at surviving the imaging process, institutions face a growing number of proprietary verification engines that must be installed and configured to validate these features during processing. The objective of this initiative is to make is less expensive and easier to manage the implementation of these security feature verification products. This project originates from the Check Truncation SIG (http://fstc.org/advisory/check-truncation.cfm). More information on this project will be published in the next month or so. ______________ 3. Treasury Services Integration: Data Exchange and Customer Connectivity through Web Services (on hold) http://fstc.org/projects/new.cfm#tsi As a potential Phase II following the previous Web Services for Corporate Cash Management effort, a core group of FSTC institutions and technology companies have defined key business objectives and deliverables for a discovery phase, and subsequent pilot-level project utilizing Web Services in the Treasury Services / Cash Management area. The project, as it currently stands, will seek to further develop the Phase I set of web services and associated definitions to create new and open-standards-based connectivity options between banks, and between banks and their customers. The business goals are to enable standards-based "plug-and-play" integration capabilities between institutions and customer platforms, whether ERP, Treasury Work Station (TWS), or desktop. A core group of financial institutions and technology companies has committed to launching this initiative in the second half of 2004. This project is considered on-hold until later this year. ______________ 4. Transformation to Open Mission Critical Systems The transformation of systems from higher cost or proprietary delivery to open systems is one of the most hotly debated and discussed topics in financial services IT. While there is great promise in the flexibility and efficiencies gained, there is also risk and cost. An FSTC project will soon form up to determine answers to such key questions as, "Are those transformations viable?" and "What are the costs and processes by which a successful transformation program will be run?" The vision of this initiative is to bring together financial institutions to investigate the needs, processes, best practices, technology issues, risk factors, organizational issues and lessons-learned for transformation projects which move core business processes from legacy IT assets to open systems. We will provide additional details shortly. If you are interested in joining an interest group around this topic, please contact us. ______________ 5. Minimum Essential Finance (MEF) In its early stages, FSTC and its members are in dialog with numerous government and industry organizations to explore interest in an initiative to identify the minimum essential elements of our financial system, and to develop a plan and process to ensure that it remains operational in the event of a disruption to normal operations. A workshop is currently being planned for this fall for multiple public and private sector organizations to develop this concept further. If you are interested in joining this dialog, please contact Zach Tumin at zachary.tumin@fstc.org . ______________ ## ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://ls.fstc.org/subscriber> --- end forwarded text -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'