Welcome to BankInfoSecurity's FFIEC Guidance Resource Center!

FFIEC

The latest news, views and education on the Federal Financial Institutions Examination Council's latest guidance on the risks and risk management controls necessary to authenticate services in an Internet banking environment.

The Latest News

  • Fed, State Regulators: Reform Is Needed

    OCC, NY DFS Call for Better Standards, Info Sharing Fed, State Regulators: Reform Is Needed
    Thomas Curry and Benjamin Lawsky

    Banking institutions' technical and procedural shortcomings pose increasing risks to the nation's critical infrastructure, two banking regulators note. Learn why they say more transaction monitoring and information sharing are needed. Read more...

  • Regulator Hints at New Cyber Guidance

    OCC Deputy Pushes for Collaboration Between Merchants, Banks Regulator Hints at New Cyber Guidance
    Beth Dugan, the OCC's Deputy Comptroller for Market Risk

    On the heels of the FFIEC's new business continuity guidelines, Deputy Comptroller Beth Dugan hints that new guidance related to cybersecurity risks affecting payments and mobile transactions may be coming. Read more...

  • FFIEC Issues Cyber-Resilience Guidance

    Regulators Outline Cyberthreats to Business Continuity FFIEC Issues Cyber-Resilience Guidance

    New business continuity guidelines from the Federal Financial Institutions Examination Council paint a more detailed picture of the cybersecurity initiatives banks and credit unions will be asked about during upcoming IT examinations. Read more...

  • Cyber-Insurance: Requirement Coming?

    Sizing Up What FFIEC Guidance Might Include Cyber-Insurance: Requirement Coming?

    Cybersecurity guidance expected from federal banking regulators in 2015 is likely to include recommendations for investments in cyber-insurance in light of the surge in cyberthreats. Read more...

  • Prepping for New Cyber Exams

    How a FEMA-Funded Training Program Can Help Prepping for New Cyber Exams

    How can banking institutions prepare for beefed up cybersecurity exams by regulators next year that likely will scrutinize their security awareness efforts? One federally funded training program could help. Read more...

  • Article

    OCC: Third-Party Cyber-Risks Growing

    Director Offers Review of New Cyber-Resiliency Guidance By Tracy Kitten
    OCC: Third-Party Cyber-Risks Growing

    Kevin Greenfield, director of bank IT for the Office of the Comptroller of the Currency, says FFIEC agencies are working to help financial institutions shore up cybersecurity, and a big focus for regulators is third-party risks.

  • Article

    Agency Takes Responsibility for Breach

    Regulator to Pay $50,000 for Related Expenses By Tracy Kitten
    Agency Takes Responsibility for Breach

    Weeks after confirming its review of a data breach that occurred during a routine regulatory exam, a financial regulatory agency now says it will pay $50,000 to help cover the affected institution's breach-related expenses.

  • Blog

    Banking Malware Poses New Threats

    Early Detection Is Critical for Fraud Prevention By Marco Morana
    Banking Malware Poses New Threats

    Emerging malware increasingly puts banks and their customers at risk for fraud. The sooner malware is detected and removed, the less likely banks are to suffer regulatory penalties and fines, and steep losses linked to fraud.

  • Article

    7 Lessons from Target's Breach

    One Year Later, What Retailers, Bankers Have Learned By Tracy Kitten
    7 Lessons from Target's Breach

    It's been a year since the Target breach called attention to the need to ramp up cybersecurity at U.S. retailers. Here's a look at seven important lessons learned since then.

  • Article

    FFIEC Updates BSA Guidance

    Banks Bracing for New Exam Requirements By Tracy Kitten
    FFIEC Updates BSA Guidance

    For the first time since 2010, the FFIEC has released updated guidance about Bank Secrecy Act compliance requirements and money-laundering risks. As a result, a fraud expert says banks should brace for more regulatory scrutiny in early 2015.

More news...

Webinars

More webinars...

White Papers

  • 2015 Security Predictions: Another Bumpy Year Ahead

    It was a tough year for CISOs in 2014, and a great year for cybercriminals, as billions of dollars of global economic productivity were siphoned into their hands. It's easy to see that thieves are...

  • The State of Email Trust, 2014

    As you saw in the headlines and news, 2014 was a big year for email threats. And from our findings - the proof is in the data. By summarizing the TrustIndex data we gathered quarterly in 2014 that...

More whitepapers...
ARTICLE Black Hat Keynoter: Beware of Air Gap Risks

Disconnecting systems from the Internet via an "air gap" is supposed to make the data they store...

Latest Tweets and Mentions

ARTICLE Black Hat Keynoter: Beware of Air Gap Risks

Disconnecting systems from the Internet via an "air gap" is supposed to make the data they store...

The ISMG Network