Bank-A-Count's Vendor Compliance
Bank-A-Count Corporation receives numerous and frequent vendor compliance inquiries from clients as related to their own best practices and those recommended by various regulatory authorities. The specific requests that Bank-A-Count receives from its diverse national customer base vary in nature, but commonly ask for help in documenting vendor compliance and satisfying their own audit concerns. To address the most common questions that come up in the most efficient manner, we have provided a standardized response below.
Background and Company Information
Bank-A-Count Corporation is incorporated in the state of Wisconsin, with its main office in Rudolph, Wisconsin. We are privately-owned, and have been in continuous operation since 1955. Our President and majority owner has been with the company since 1970, and Senior Vice-President has been with the company since 1981. Due to the private ownership of our company, financial statements are not publicly available.
Bank-A-Count has two separate production facilities located in Rudolph, Wisconsin and an administrative office in Wisconsin Rapids, Wisconsin. Bank-A-Count’s client base covers the United States and includes banks, credit unions, property management companies and clients from many other industries.
Client Confidentiality - Request Confidentiality Agreement
The management and staff at Bank-A-Count recognize, understand and respect the need to maintain the confidentiality of any data provided by its clients for the completion of their print orders. Bank-A-Count has established practices, policies and controls in place to protect the privacy and confidentiality of its clients and their customer data. An independent third party conducts periodic audits of our practices to assure compliance.
Contracts and Signed Agreements - Request Service Agreement
Bank-A-Count Corporation does not require its clients to enter into a written contract binding them to order its products. Upon request, we are happy to provide a standard formal Service Agreement, and, upon request we are also happy to review a written contract which might be proposed by the client.
Physical Security Measures
Bank-A-Count Corp has implemented physical perimeter security measures at our various facilities which we believe are adequate to ensure that physical access is granted only to those with proper authorization. Entry is controlled at each of our facilities, which are locked with limited access points. In the rare event of any outside vendors with access, such as specialized equipment maintenance staff, agreements are executed with Bank-A-Count Corp to ensure their compliance with our rules as well. Physical security of our computer systems and file servers includes restricted access, appropriate climate controls, offsite backups, and power protection via uninterruptible power supplies.
Information Technology Security
Bank-A-Count Corp takes various measures to ensure the security of data stored on our systems and networks. The company regularly trains and reminds our staff about the need to safeguard data. Our security measures include a risk assessment of our IT environment, assessment of the likelihood of potential threats and vulnerabilities and procedures for managing and controlling IT security risk. Bank-A-Count Corp has a formal intrusion detection program whereby we monitor and log all attempts and senior management is kept periodically informed of security events and remediation.
Specifically, our IT security program includes policies, procedures, and guidelines for securing, maintaining, and monitoring systems and platforms including our core system, remote access to our core system, local area networks, wide area networks, routers, modems, security devices such as firewalls, and portable devices, such as laptops. Password protection is in place for all devices accessing our systems, and users are assigned permissions only for those systems specifically required for the performance of their duties. Bank-A-Count Corp’s senior management regularly reviews and monitors our IT security program, and monitors and approves IT projects, performance and operating costs.
Bank-A-Count Corp has in place appropriate policies and procedures related to physical and electronic records management and retention.
Bank-A-Count Corp’s process for hiring new staff includes appropriate background checks and screening, consistent with applicable law. In the event of a terminated employee, a process is in place to ensure the security of any data which may have been accessible by the employee.
For the protection of Bank-A-Count Corp and its clients, Bank-A-Count Corp maintains appropriate amounts of commercial and general liability insurance professional liability insurance.
SOC3 Audit Report - available for immediate download HERE
Our SOC3 Audit Report details policies regarding confidentiality and privacy. It is prepared
by an independent 3rd party audit firm and is available for immediate download.
The SOC3 Report will fulfill most due diligence requirements.
SOC2 Audit Report - Request SOC2 Audit Report
Bank-A-Count periodically engages an independent 3rd party audit firm to conduct a detailed and comprehensive SOC2 Audit. A printed copy of the most recently completed report is available on request to appropriate parties upon receipt of their signed agreement to maintain the confidentiality of the information contained within the SOC2 Audit report.
Updated: July 2017