Rule requires banks report significant ‘computer-security incidents’ within 36 hours
By 
Aaron Nicodemus2021-11-19T21:15:00
Federal banking regulators issued a rule that requires financial institutions to notify their regulator within 36 hours of a “computer-security incident” that materially affects their operation, ability to deliver services, or the stability of the financial sector.
Related articles
-
ArticleFINRA notice outlines key areas for supervising third parties
The Financial Industry Regulatory Authority issued a notice on compliance deficiencies arising from firms’ relationships with vendors culled from examination findings.
-
ArticleTakeaways from NYDFS ransomware guidance
The New York State Department of Financial Services has issued guidance for regulated entities describing best practices for reducing the risk of a ransomware attack.
-
ArticleNYDFS regulation a best-practices model for cyber-security training
Companies must make cyber-security a continuous priority as threats evolve, often more quickly than the technology and regulations to counter them. That’s why the New York Department of Financial Services, under Maria Vullo, developed a policy that should act as a model for organizations.
More from Regulatory Policy
-
News BriefHospitals, health IT face HHS crackdown for blocking electronic records
The Department of Health and Human Services is stepping up its enforcement against hospitals and other health entities that block the sharing of electronic health records.
-
ArticleDigital wallets should speed up compliance, but companies must focus on trust and security
The EU has one, the U.K. is getting one, many U.S. states are working with Google and Apple to provide one, and now industry sectors are developing their own digital wallet.
-
News BriefFinCEN again delays U.S. ban on three Mexican financial institutions
The order barring three Mexican financial institutions from doing business with U.S. financial institutions has been delayed until October.