Welcome to BankInfoSecurity's FFIEC Guidance Resource Center!

FFIEC

The latest news, views and education on the Federal Financial Institutions Examination Council's latest guidance on the risks and risk management controls necessary to authenticate services in an Internet banking environment.

The Latest News

  • FFIEC to Prepare New Cyber-Risk Policy

    Regulators Reveal More Cybersecurity Initiatives FFIEC to Prepare New Cyber-Risk Policy

    The FFIEC says it's taking several additional steps, including updating and supplementing its Information Technology Examination Handbook, to help banking institutions enhance their cybersecurity risk preparedness. Find out the details. Read more...

  • Fed, State Regulators: Reform Is Needed

    OCC, NY DFS Call for Better Standards, Info Sharing Fed, State Regulators: Reform Is Needed
    Thomas Curry and Benjamin Lawsky

    Banking institutions' technical and procedural shortcomings pose increasing risks to the nation's critical infrastructure, two banking regulators note. Learn why they say more transaction monitoring and information sharing are needed. Read more...

  • Regulator Hints at New Cyber Guidance

    OCC Deputy Pushes for Collaboration Between Merchants, Banks Regulator Hints at New Cyber Guidance
    Beth Dugan, the OCC's Deputy Comptroller for Market Risk

    On the heels of the FFIEC's new business continuity guidelines, Deputy Comptroller Beth Dugan hints that new guidance related to cybersecurity risks affecting payments and mobile transactions may be coming. Read more...

  • FFIEC Issues Cyber-Resilience Guidance

    Regulators Outline Cyberthreats to Business Continuity FFIEC Issues Cyber-Resilience Guidance

    New business continuity guidelines from the Federal Financial Institutions Examination Council paint a more detailed picture of the cybersecurity initiatives banks and credit unions will be asked about during upcoming IT examinations. Read more...

  • Article

    OCC Expands on Third-Party Cyber-Risks

    Director Offers Review of New Cyber-Resiliency Guidance By Tracy Kitten
    OCC Expands on Third-Party Cyber-Risks

    Kevin Greenfield, director of bank IT for the Office of the Comptroller of the Currency, says FFIEC agencies are working to help financial institutions shore up cybersecurity, and a big focus for regulators is third-party risks.

  • Article

    Agency Takes Responsibility for Breach

    Regulator to Pay $50,000 for Related Expenses By Tracy Kitten
    Agency Takes Responsibility for Breach

    Weeks after confirming its review of a data breach that occurred during a routine regulatory exam, a financial regulatory agency now says it will pay $50,000 to help cover the affected institution's breach-related expenses.

  • Blog

    Banking Malware Poses New Threats

    Early Detection Is Critical for Fraud Prevention By Marco Morana
    Banking Malware Poses New Threats

    Emerging malware increasingly puts banks and their customers at risk for fraud. The sooner malware is detected and removed, the less likely banks are to suffer regulatory penalties and fines, and steep losses linked to fraud.

  • Interview

    BitSight CEO on Nation-State Attacks

    Shaun McConnon Says Security Preparedness Falls Short By Tracy Kitten
    BitSight CEO on Nation-State Attacks

    The advanced and persistent nature of today's cyber-attacks, which are often waged by nation-states, is changing the way organizations address network security, says BitSight CEO Shaun McConnon.

  • Interview

    LifeLock at 10: Identity Fraud Evolves

    CEO Todd Davis on the New Generation of ID Threats, Controls By Tom Field
    LifeLock at 10: Identity Fraud Evolves

    When Todd Davis helped found LifeLock in 2005, ID fraud was a niche consumer issue. Today it's a major enterprise risk. What are today's top fraud threats, and where are some of the surprising security gaps?

More news...

Webinars

  • PREMIUM MEMBER EXCLUSIVE

    Mobile: Fraud's New Frontier

    Mobile is quickly becoming the channel of choice for banking institutions and their customers, but the fraud risks are only starting to reveal themselves in the form of malware and account...

  • Insider Threat: Mitigating the Risk

    Employees are an organization's greatest asset and greatest risk. With a single click an employee can devastate a business by transferring or damaging huge amounts of data. Finding the balance...

More webinars...

White Papers

  • Secure in Transmission and Secure Behind the Network

    In the past, the only discussions people had about email were focused on the never-ending inbox and the amount of time wasted filtering through it. The Snowden revelations changed all that. Suddenly,...

  • 2015 Cyberthreat Defense Report

    The Cyberthreat Defense Report began the process of looking beyond headline-grabbing breaches and the nth stage in the evolution of cyberthreats to better understand the perceptions, concerns, and...

More whitepapers...
ARTICLE Industry News: Trend Micro, HP Collaborate

Leading this week's industry news roundup, Trend Micro and Hewlett Packard collaborate to help...

Latest Tweets and Mentions

ARTICLE Industry News: Trend Micro, HP Collaborate

Leading this week's industry news roundup, Trend Micro and Hewlett Packard collaborate to help...

The ISMG Network