Rule requires banks report significant ‘computer-security incidents’ within 36 hours
By 
Aaron Nicodemus2021-11-19T21:15:00
Federal banking regulators issued a rule that requires financial institutions to notify their regulator within 36 hours of a “computer-security incident” that materially affects their operation, ability to deliver services, or the stability of the financial sector.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
ArticleFINRA notice outlines key areas for supervising third parties
The Financial Industry Regulatory Authority issued a notice on compliance deficiencies arising from firms’ relationships with vendors culled from examination findings.
-
ArticleTakeaways from NYDFS ransomware guidance
The New York State Department of Financial Services has issued guidance for regulated entities describing best practices for reducing the risk of a ransomware attack.
-
ArticleNYDFS regulation a best-practices model for cyber-security training
Companies must make cyber-security a continuous priority as threats evolve, often more quickly than the technology and regulations to counter them. That’s why the New York Department of Financial Services, under Maria Vullo, developed a policy that should act as a model for organizations.
More from Regulatory Policy
-
ArticleBank of England tightens liquidity requirements for U.K. banks
U.K. banks must reassess how quickly they could monetize their assets in the event of a crisis under new rules proposed by the Bank of England’s regulatory body, the Prudential Regulation Authority. The proposals are the first changes to the liquidity rules since these were updated in the aftermath of ...
-
ArticleEurope’s groundbreaking crypto rules put at risk by delays in implementation
Europe may have taken the lead in attempting to regulate cryptoasset firms before any other major jurisdiction, but a year after the ground-breaking rules came into force, it does not necessarily follow that they are robust or that the industry they are meant to hold accountable is embracing them.
-
ArticleCompliance must focus on corruption as EU and U.K. seek to tackle rising risks
Corruption isn’t something that happens somewhere else, in other countries and committed by other people. Nowhere is corruption-proof, and new rules being introduced in the EU and the U.K. aim to focus compliance officers on the full gamut of risks in all jurisdictions and every sector.