Preparing and responding to new certification requirements

Third-party risk, cybersecurity, and identity fraud continue to dominate headlines as organizations enhance governance to ensure effective internal controls that can thwart off potential threats. Given the current landscape, the US federal government recently enacted rule 15 CFR Part 11101 to create additional safeguards for entities requesting access to the Limited Access Death Master File (LADMF).

The LADMF is a data file made available by the US Department of Commerce’s National Technical Information Service (NTIS), which lists all individuals with social security numbers whose deaths were reported to the Social Security Administration from 1936 to present. The LADMF has many practical uses that span across industries such as insurance, banking, health care, public sector, and investment management, with the primary focus on the accuracy and completeness of data records. It’s an effective tool to assist entities in their efforts to assess mortality as a means to prevent or detect fraud and govern key transactions (e.g., substantiating information provided by applicants for loans and lines of credit, confirming annuity payments and retirement benefits are not paid to deceased individuals, authenticating insurance policy death claims, appropriately reverting abandoned property, etc.). The new rule, which became effective on November 28, 2016, requires entities requesting access to the LADMF to undergo an assessment by an independent third party known as an accredited conformity assessment body (ACAB). An ACAB’s role is to confirm that the entity has systems, facilities, and procedures in place to safeguard LADMF information. The requirement for an independent assessment of LADMF-related internal controls from a third party is a significant shift from the requirements under the interim rule published in March 2014. It’s therefore imperative that entities requesting the LADMF take the appropriate steps to ensure alignment to the requirements under the new rule. Read complete article here.


Content Protection by