Privacy, Cybersecurity & Media

On November 18, 2021, the Office of the Comptroller of the Currency (OCC), the Federal Deposit Insurance Corporation (FDIC), and the Board of Governors of the Federal Reserve System (FRB) (each, an “Agency” and, collectively, the “Agencies”) finalized a uniform regulation, codified at 12 C.F.R. Part 53, 12 C.F.R. Part 225.300 and 12 C.F.R. Part 304, with the stated purpose of improving the sharing of information about cybersecurity incidents harmful to the U.S. banking system (the “Regulation”). Pursuant to the Regulation, banks will be required to notify their primary federal regulatory Agency within thirty-six (36) hours of “any significant computer-security incident.”Continue Reading Federal Bank Regulators Expand Duty to Notify after a Cybersecurity Event

Over the past two weeks, the international markets have been roiling under news that the COVID-19 virus, commonly referred to as the coronavirus, may be spreading.  The Board of Governors of the Federal Reserve System (the “Federal Reserve”), the Federal Deposit Insurance Corporation, the National Credit Union Administration, the Office of the Comptroller of the Currency and the Consumer Financial Protection Bureau (collectively, the “Federal Bank Regulators”) have not issued specific guidance or released public statements outlining their expectations for responding to issues arising from the spread of the coronavirus.  However, financial institutions should consider the potential impact (if any), including any regulatory impact, the coronavirus may have on institutions.  Below are considerations that should be discussed by boards of directors and senior management.
Continue Reading Coronavirus: Considerations for Financial Institutions

On April 10, 2018, the Federal Financial Institutions Examination Council (the “FFIEC”), an interagency body composed of the Board of Governors of the Federal Reserve System, Consumer Financial Protection Bureau, Federal Deposit Insurance Corporation, National Credit Union Administration, Office of the Comptroller of the Currency and the State Liaison Committee, issued guidance to assist financial institutions in analyzing the use of cyber insurance in an effective risk management program (the “Guidance”).
Continue Reading How to Evaluate Cyber Insurance Options?

Here are our observations on the 2018 OCC Bank Supervision Operating Plan:

– Cybersecurity is a top priority.

– Credit underwriting, as always.

– BSA is frequently mentioned.

– Business model sustainability and change management are emphasizing the M in CAMELS.

– Fair lending is far down the list.

Click here for the OCC press