Latest Articles

On May 31, 2017, the Federal Financial Institutions Examination Council (FFIEC) released an update to its Cybersecurity Assessment Tool. The Cybersecurity Assessment Tool was originally released by the FFIEC in June of 2015 to help financial institutions identify their risks and assess their cybersecurity preparedness.  The Cybersecurity Assessment Tool is intended to be used by financial institutions of all sizes to perform a self-assessment and inform their risk management strategies. Upon the release of the…
Earlier this month, the new cybersecurity regulation from the New York Department of Financial Services (“DFS“) took effect. The new regulation requires banks, insurance companies and other financial services institutions regulated by the DFS to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of New York State’s financial services industry. The final cybersecurity regulation is very similar to the proposed regulation, which we reported on in a…
Last month, the Financial Industry Regulatory Authority (FINRA) released its annual Regulatory and Examination Priorities Letter (the “2017 Priorities Letter”) which highlights the areas that FINRA plans to focus on in its 2017 examination of registered broker-dealers. It should come as no surprise that cybersecurity is listed as one of the operational threats that FINRA intends to focus on in 2017. The 2017 Priorities Letter recognizes that “[c]ybersecurity threats remain one of the most significant…
After surveying nearly 200 regulated financial institutions to obtain insight into the industry’s efforts to prevent cybercrime and meeting with a cross-section of those surveyed, as well as cybersecurity experts, to discuss emerging trends and risks, as well as due diligence processes, policies and procedures governing relationships with third party vendors, the New York State Department of Financial Services (NYDFS) recently released its proposed cyber security regulation.  The proposed regulation, titled “Cybersecurity Requirements for Financial…
There is no more pressing problem facing business organizations today, of all types, than cybersecurity threats. For a highly regulated industry like banking, regulators are watching closely to see how the IT governance structure at a bank can manage this risk. Recently, the Federal Financial Institutions Examination Council, which coordinates the examination process at all of the federal banking agencies, issued a new “management booklet” on IT risk management examinations, replacing one that had not…
With increased oversight, regulatory scrutiny and risk related to cybersecurity, now is the time for those in the banking industry to be proactive in managing cybersecurity risk. Waiting until a breach occurs to formulate or review your game plan may be “too little, too late”. An assessment of your current cybersecurity preparedness may be the best place to start. Assessment The Federal Financial Institutions Examination Council (FFIEC) recently released a Cybersecurity Assessment Tool to help…