BHC Mean Bank Holding Company

Bank Holding Company is a company that owns one or more subsidiary banks. There is no regional designations for such a company, but often they are interstate and international. These companies are usually interstate because there is no reason to hold multiple bank brands within a given state. Many of these companies are international, reaching both investors and clients abroad.

Bank Holding Companies are supervised by the Federal Reserve.

chevy chase capital one


About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.


How super cookies threaten bank security

Super cookies threaten bank security by exposing both customer data in ways that are more discreet than ever before.


What are super cookies?

Super cookie are sometimes called zombie cookies. The most typical type of super cookie is called flash cookie because it is a cookie from Adobe Flash plug-in. Cookies are little bits of code websites leave on your browsers cookie folder so that it can remember your preferences and, should you choose to do so, account information and password. Basically, when you turn on your browser and you can get to your email or Facebook without having you login, the website has a cookie in your browser cookie folder. It is pretty convenient.

The usual threat

If this bit of code contains personal information, then of course your identity is threatened by anything that is going to try to retrieve it when it is not supposed to. The codes need to be deciphered, usually. There are lots of websites and phone applications known to have very security on their cookies, making it very simple to decipher. On a consumer level, this is dangerous because most consumers are not all that creative with their passwords, using the same one for all of their accounts.

The banking relevance

For banks, the threat is more real than ever. Transactions are usually legitimized in multiple ways: correctly identifying the transaction parties, correctly using the transaction accounts, correctly using passwords, matching payment sender and receiver, matching banking institutions and on and on. Most of these matches have been nearly eliminated because the banking system has taken care of most of them, having the consumer contact points reduced to the point of sale.

The primary banking threat

Now that the whole purchasing process can take place online, a digital path can be created for transactions. Here’s how it works: Jaco wants to purchase a bass guitar. He goes to and looks around. Jaco looks are strings and pick-ups and amplifiers along with bass guitars. He purchases a rare Flea Bass and nothing else. SBGGM keeps a cookie on his computer so that when he returns the website can present him with suggestions based on his purchase and his surfing history. If Jaco deletes the SBGGM cookie, then his return visit will not have any suggestions based on his surfing history. If SBGGM uses Adobe Flash on its website and creates a cookie in Adobe Flash, it keeps the cookie in an Adobe folder rather than a browser folder. Jaco’s return visit, will show him suggestions based on his previous visits even if he deleted SBGGM’s browser cookie. A cyber criminal can hack into Jaco’s computer, get onto SBGGM’s website, get on Jaco’s account, make purchases from the website suggestions, have them shipped to another address. From there, bought items could be sold for money. To add an additional layer of stealth, the cyber criminal can make purchases that are small every month to go undetected, especially if Jaco tends to just pay for all of the credit card balance at the end of each month. As long as the consumer does not pay attention to every transaction, consumer is paying for these transactions. Banks have been flooded with small fraudulent transactions. These transactions make banking more expensive for everyone.

Because super cookies circumvent a consumer’s deliberate attempt to erase information trails, it poses a super threat.

About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.

How Net Neutrality Threatens Banks

Tom Wheeler is being credited for being the twenty first century’s Senator Joseph Kennedy.Tom_Wheeler_FCC

Last week, Tom Wheeler, Chairman of the Federal Communications Commission (FCC), publicly announced his support for Net Neutrality.


1219px-FCC_New_Logo.svgNet Neutrality is the name of the principle that all internet service providers (ISPs) should provide equal access to the their content providers. Proponents of Net Neutrality claim that it is this principle that has enabled many small content providers, social networks and economic platforms to flourish. Without continuing a policy that implements this principle, the next developing the next big thing will be so expensive that it won’t happen, at worst, or will happen in other economies, at best. Also, proponents are argue that a tiered service would amount to content discrimination. Proponents include Yahoo!, eBay, Amazon, Microsoft, Lawrence Lessig, Steve Wozniak and, even, President Barack Obama.

Those against Net Neutrality argue that the current system hinders financing the development of better telecom infrastructure, customers, especially lower income customers, are subsidizing large bandwidth heavy content providers and effectively lowering the service quality they receive. Those against Net Neutrality include major telecommunications providers, internet service providers and free market types. (Sadly, the names against Net Neutrality just aren’t as well known as the proponents, thereby making it unnecessary to enumerate.)

Both sides are correct.

Net Neutrality logoCurrently, Net Neutrality is in place. This means that when most people go online to do bandwidth heavy activities, such as listening music on Spotify or Pandora, or watching videos on Youtube or Netflix, no additional charges are incurred. If Net Neutrality was done away with, either the customers or the music and video providers or a combination of the two will have to pay for the heavy bandwidth. Seems more expensive?

Well, imagine if you are one of those creative types who are trying to develop something that will compete with YouTube, one of the groups of people proponents would like to protect. Because your competitor is providing their service for free, no one wants to go to your site. You are ten years behind and whatever great idea you have is very unlikely to get the notice to effectively compete with the established players. Customers are getting a great experience with existing industry players but they are missing out on potentially others.

There are more ways to think about what the alternative universe would look like in a world without Net Neutrality. One can even look at other developed economies to see how their industries have fared without Net Neutrality. Most common example is the United Kingdom.

How Net Neutrality Threatens Banks

Banking on both retail and investment side are being done more and more on the internet. Banking was one of the first industries to adopt internet technology. this makes sense since banking is a transaction system. Anything that helps to reduce the cost, increase the speed and better secure transactions would make an industry player more competitive.

Banking industry has experienced two major transitions in the last century. First was the transition from currencies backed by precious metals to fiat currencies. Second was from fiat currencies to digital currencies. Today, nearly all of the $2 Trillion in currency transactions per day are done digitally between computers. Despite the fact that the US Dollar and other currencies are government backed, in nature they aren’t much different from cyber-currencies like BitCoin. (There are some significant differences but those primarily have to do with the capabilities of the currency types, which, at this point, are not relevant for this discussion.)

Cyber-crime is performed in two primary ways. The “old school” method is to email or otherwise contact a person, deceive them in some way, and steal valuable information, which then can be used to “legitimately” tap into customer accounts. The more sophisticated method is to write codes that would do steal information or take over the processing capabilities to tap into customer accounts. These codes are, in many sense, the same as content. in order for Youtube to provide you with free videos, YouTube must develop code to do so. So, effectively, everyone is subsidizing the dissemination of cyber-crime.

Banks have been working very hard to secure themselves from both types of threats. Protection from phishing, the “old school” cyber-crime, banks require registering computers (via IP addresses) before entry into bank accounts. For institutional clients, this might be much more sophisticated than for retail customers but it is essentially the same.

To protect customers from code attacks, which are generally attacks directly on bank infrastructure, banks have hired technologists to develop hardware and software that protect servers.

Net Neutrality is a subject most people do not understand the nuances of, and, usually, favor without understanding the ramifications of its perpetuity. I am not taking a stance on either side of the discussion, but I think knowledge would do it great service.

About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.

Three Ways To Becoming A Compliance Professional

For the longest time, compliance officers were people with background in law and audit. These are still very useful ways to get into compliance. Over the past three decade, the regulatory environment for financial services firms have become so complex, compliance officers have started to develop training and credentials more focused on the broadened role their profession has taken. Here are three credentials the industry recognizes.

ACAMS LogoCAMS – Certified Anti-Money Laundering Specialist
A certificate that requires higher education, experience and passing an exam, it addresses the largest work of a compliance department. Additionally, three professional references are required to take the exam. The exam is computerized and takes 3.5 hours. There are 120 question in total. The body of knowledge required to pass the exam includes understanding:

  • how money is laundered,
  • various standards for policies and procedures to combat money laundering,
  • how to develop an anti-money laundering program,
  • how to conduct investigations, and
  • how to interact with regulators.

ACFE LogoCFE – Certified Fraud Examiner
A certificate that requires an undergraduate degree, experience and passing an exam, it cover fraud in all industries, not just financial services. The exam is taken at home or in the office with a Windows based web browser. The candidate has 10 hours to complete and submit the 125-question exam. The body of knowledge required to pass the exam includes understanding of:

  • Financial Transactions,
  • Law,
  • Investigation, and
  • Prevention.

ABA LogoCRCM – Certified Regulatory Compliance Manager
Provided by the American Bankers Association, this certificate requires three years of experience, and exam and a combination of conferences and continuing education credits. The 4-hour exam contains 200 questions and covers the regulatory compliance following topics:

  • Credit
  • Deposit
  • Bank Operations
  • CRA
  • Privacy

For all certificates, the profession must maintain membership and participate in continuing education.

About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.
He tweets @MoneyCompliance