Protecting Our Customers and Their Data
Cybersecurity Practice and Policy at Lake City Bank
Lake City Bank places great importance on information security, and cybersecurity, to protect against threats of all kinds. Lake City Bank’s Cybersecurity defense-in-depth strategy prioritizes monitoring, detection, and response methodologies to known, anticipated or unexpected cyber threats, effective management of cyber risks, and resilience against cyber incidents. Lake City Bank continuously strives to meet or exceed the industry’s information security best practices and applies controls to protect its customers.
Lake City Bank approaches cybersecurity with a defense-in-depth strategy that aligns people, process and technology with industry best practices to foster a culture of cybersecurity awareness. This culture of cybersecurity awareness starts with our people. Before new employees start their career with Lake City Bank, they must pass a comprehensive background check. Every employee’s first day with Lake City Bank begins with a full day of training that includes several hours focused on the bank’s cybersecurity practices. Training continues for every employee throughout the year, to ensure every employee is trained, tested, and capable of detecting and preventing Cybersecurity threats.
The Lake City Bank Cybersecurity Program incorporates a comprehensive set of policies and procedures that provide governance and direction over its dedicated Information Security and Technology teams. These policies and procedures define responsibilities related to separation of duty requirements, change management processes, user access controls, critical vendor due diligence efforts, technical readiness maturity, and incident response management procedures. In addition to annual audits by state and federal regulators, Lake City Bank enlists third party auditors specializing in network security and penetration testing activities that hold the bank accountable to these policies.
In addition to anti-virus and anti-malware software on all computer systems through the bank, Lake City Bank continually makes significant investments in implementing state-of-the-art monitoring, detection and response technologies and has created a dedicated Information Security Team that is charged with the continuous scanning of every computer, laptop, server, printer, and telephone, among other devices and endpoints, for known vulnerabilities and threats. These state-of-the-art technologies are designed to detect and prevent, among other things, malicious e-mails with links or attachments that may contain viruses and malware. In addition, systems are designed to detect the movement of files that contain customer information and prevent that information from leaving the Lake City Bank network unless specifically authorized.
Lake City Bank’s team is well trained and regularly reviews, tests, and practices its Incident Response Plan. The plan is updated regularly as new requirements related to incident readiness, response, and notification are enacted through regulation, industry best practice or other needs. The team tests the Incident Response Plan through annual exercises that simulate cyberthreat events, to be certain the team can act quickly, decisively, and instinctively to ensure the safety of your information, your money and your peace of mind.
Rest assured that the Lake City Bank technology teams are monitoring its network 24×7 to protect its customers’ information and assets. If you have any additional questions or concerns, please feel free to reach out to our Chief Technology Officer, Darrin McLaughlin through email or by calling (574) 371-9239.
Data Privacy and Information Security
Lake City Bank maintains an enterprise-wide privacy and security governance program not only to comply with regulations for data privacy and protection, but also because we believe it is in the best interest of our customers.
Based on our policy, we collect, retain and use information about consumers and customers only when we believe that gathering the information is useful and allowed by law to conduct business and/or to provide products, services or opportunities to our customers. Also according to policy, we respond promptly to customer requests to correct inaccurate information.
The bank provides online and mobile security awareness and identity theft information in a variety of ways to inform customers about how to protect themselves from hackers, identify potential fraud, and react if their personal information has been compromised. We provide information and links to external sources on our website, via email and through social media.
Bank Security Act
The Bank Secrecy Act (BSA), also known as the Anti-Money Laundering Law (AML), passed into law in 1970. Designed combat money laundering, the BSA established requirements for financial institutions that protect their clients, their communities and the country. Specifically, the law established requirements for recordkeeping and reporting suspicious activity that could indicate money laundering and other crimes.
Lake City Bank has integrated BSA controls into our processes and structure. Specifically, Lake City Bank maintains a BSA/AML compliance program including:
- Designating a BSA officer who is responsible for managing BSA/AML compliance
- Designing, implementing and maintaining internal controls to ensure ongoing compliance with the BSA, and due diligence of our customer base to identify beneficial ownership
- Conducting independent BSA/AML compliance testing
- Implementing yearly training for all bank employees based on their specific job responsibilities