Sec. 7. (a) As used in this section, “potential risks”, with respect to a proposed electronic activity by a financial institution, include the following:

(1) Legal risks.

(2) Transactional risks.

(3) Risk of the financial institution’s noncompliance with applicable statutes, regulations, or supervisory policies.

(4) Risk of harm to the financial institution’s reputation.

     (b) A financial institution’s board of directors and executive officers are responsible for ensuring that all potential risks are evaluated and taken into account before the financial institution undertakes any electronic activity. The board of directors and the executive officers may not delegate their responsibility under this subsection to other persons within the financial institution or to outside parties.

     (c) After a financial institution’s board of directors and executive officers have acted under subsection (b) to conduct an evaluation of the potential risks associated with an electronic activity, the financial institution may perform, provide, or deliver through electronic means or facilities any activity, function, product, or service that it is otherwise authorized to perform, provide, or deliver, subject to this chapter and any other applicable statutes, regulations, or supervisory policies.

As added by P.L.10-2006, SEC.32 and P.L.57-2006, SEC.32.