SAS 70 Compliance
Although we are a private small business and not subject to the requirements of the SAS 70 standards, we are committed to providing our clients with information about our processes and control procedures to ensure that our service is credible and precise. This information includes the following:
 |
Credibility
- Our staff and board of directors: As a leader in asset/liability management systems for nearly 40 years, our team of analysts brings an exceptional level of experience to your bank.
- Regulatory Activities: In nearly forty years in the industry, we have had the opportunity to work with a number of regulatory organizations on the state and national level. We have performed seminars for bank examiners; our data has been published in several regulatory publications; and we integrate data from several regulatory agencies for much of our benchmarking and analyses.
- Bank Service Company Act (FDIC): We provide our clients with Form OMB NUMBER 3064-0029
 in accordance with the reporting requirements of the Bank Service Company Act. The Act requires insured financial institutions to notify their appropriate federal banking agency in writing of contracts or relationships with third parties that provide certain services to the institution. The type of services we provide do trigger the notification requirements of the act. While the form is optional, it eases the compliance process for our clients.
- Bibliography: Our data has been published in numerous publications, including an important article about Interest Rate Risk in
 the FDIC Bank Trends newsletter. In addition, our staff have written several articles and their expert opinions have been quoted in a number of industry publications.
- Industry presentations and programs: Our president, Brad Olson, has presented many seminars at industry conferences,
 individual banks, banking schools, and state examiner meetings. In addition, he is part of the regular agenda at the FFIEC at the FFIEC's Supervisory Updates and Emerging Issues Conference in Arlington, VA.
- Our colleagues and partners: We have developed a long-term relationship with the Conference of State Bank Supervisors
 (CSBS) to deliver educational opportunities. Additional references can be provided by our colleagues and consulting partners.
|
|
Explanation of Our Modeling Process
A standard element of our deliverables to clients is a description of our modeling process which we include as part of every Executive Report. The report includes:
-
A description of model purpose and design.
-
Model theory, including the logic behind the model and sensitivity to key drivers and assumptions.
-
Data needs.
- Detailed operating procedures.
|
|
Data Integrity and Security Measures:
- Internet Security: To ensure proper encryption and certificate validation when requesting sensitive sign-in
 information, we use Thawte, a well-known security validation company.
- Confidentiality: ORA agrees to use the information provided by Clients only for the purposes set forth in Agreements to provide specific services and shall not otherwise disclose, use, disseminate or provide the information to any third party.
|
|
Independent Model Validation
- The consistency and accuracy in our modeling approach over the past 40 years has gained recognition from regulators, bankers, accountants, and analysts across the industry.
- Our model has been validated by independent auditing firms. More validation information can be found here.
|
|
DUNS Credit Report
- We have been serving clients for nearly 40 years and have a well-established credit rating which can be obtained from Dun &
 Bradstreet. Our DUNS number is: 11-620-4439
|
|
Disaster Recovery Plan
- In the event of an emergency that affects our business processes, Olson Research has the following disaster recovery and contingency plan in place.
|
