Governance: Customer Privacy
The ethical collection, use, sharing and retention of customer data are requirements for building data trust. We believe creating data trust combines the elements of data privacy and data security. As such, the company’s CISO also serves as the Privacy Officer, and the privacy program is overseen by the Risk Committee of the Board.
The Privacy Officer is responsible for implementing privacy practices and ensures compliance with applicable privacy regulations. We apply privacy-by-design in the development of our applications and also establish processes to fulfill data requests from our customers.
Risk assessments are performed on an annual basis to evaluate the company’s ability to protect customers’ private information; risk results as well as the company’s overall compliance status are reported to the Risk Committee.
Standards of Conduct
The Audit Committee of the Board of Directors annually reviews and approves the company’s Standards of Conduct on which employees are annually trained and attest to. Each member of the Board of Directors takes an annual Oath of Office prescribed by the Office of the Comptroller of the Currency (OCC) and is bound by the company’s Code of Ethics.
The company’s annual proxy statement identifies responsibilities of board committees including the company’s capital planning process.
The company’s 10-K reviews a wide array of company performance factors, including any monetary losses as a result of legal proceedings associated with fraud, insider trading, anti-trust, anti-competitive behavior, market manipulation, malpractice, or other related financial industry laws or regulations.