Welcome to BankInfoSecurity's FFIEC Guidance Resource Center!

FFIEC

The latest news, views and education on the Federal Financial Institutions Examination Council's latest guidance on the risks and risk management controls necessary to authenticate services in an Internet banking environment.

The Latest News

  • FFIEC to Prepare New Cyber-Risk Policy

    Regulators Reveal More Cybersecurity Initiatives FFIEC to Prepare New Cyber-Risk Policy

    The FFIEC says it's taking several additional steps, including updating and supplementing its Information Technology Examination Handbook, to help banking institutions enhance their cybersecurity risk preparedness. Find out the details. Read more...

  • Fed, State Regulators: Reform Is Needed

    OCC, NY DFS Call for Better Standards, Info Sharing Fed, State Regulators: Reform Is Needed
    Thomas Curry and Benjamin Lawsky

    Banking institutions' technical and procedural shortcomings pose increasing risks to the nation's critical infrastructure, two banking regulators note. Learn why they say more transaction monitoring and information sharing are needed. Read more...

  • Regulator Hints at New Cyber Guidance

    OCC Deputy Pushes for Collaboration Between Merchants, Banks Regulator Hints at New Cyber Guidance
    Beth Dugan, the OCC's Deputy Comptroller for Market Risk

    On the heels of the FFIEC's new business continuity guidelines, Deputy Comptroller Beth Dugan hints that new guidance related to cybersecurity risks affecting payments and mobile transactions may be coming. Read more...

  • FFIEC Issues Cyber-Resilience Guidance

    Regulators Outline Cyberthreats to Business Continuity FFIEC Issues Cyber-Resilience Guidance

    New business continuity guidelines from the Federal Financial Institutions Examination Council paint a more detailed picture of the cybersecurity initiatives banks and credit unions will be asked about during upcoming IT examinations. Read more...

  • Article

    OCC Expands on Third-Party Cyber-Risks

    Director Offers Review of New Cyber-Resiliency Guidance By Tracy Kitten
    OCC Expands on Third-Party Cyber-Risks

    Kevin Greenfield, director of bank IT for the Office of the Comptroller of the Currency, says FFIEC agencies are working to help financial institutions shore up cybersecurity, and a big focus for regulators is third-party risks.

  • Article

    Agency Takes Responsibility for Breach

    Regulator to Pay $50,000 for Related Expenses By Tracy Kitten
    Agency Takes Responsibility for Breach

    Weeks after confirming its review of a data breach that occurred during a routine regulatory exam, a financial regulatory agency now says it will pay $50,000 to help cover the affected institution's breach-related expenses.

  • Blog

    Banking Malware Poses New Threats

    Early Detection Is Critical for Fraud Prevention By Marco Morana
    Banking Malware Poses New Threats

    Emerging malware increasingly puts banks and their customers at risk for fraud. The sooner malware is detected and removed, the less likely banks are to suffer regulatory penalties and fines, and steep losses linked to fraud.

  • Interview

    LifeLock at 10: Identity Fraud Evolves

    CEO Todd Davis on the New Generation of ID Threats, Controls By Tom Field
    LifeLock at 10: Identity Fraud Evolves

    When Todd Davis helped found LifeLock in 2005, ID fraud was a niche consumer issue. Today it's a major enterprise risk. What are today's top fraud threats, and where are some of the surprising security gaps?

  • Interview

    Spikes CEO on 'Air-Gapped' Browsers

    Founder Channels Lessons Learned From SpaceX, PayPal By Mathew J. Schwartz
    Spikes CEO on 'Air-Gapped' Browsers

    When IT veteran Branden Spikes founded his own company devoted to isolating browsers from attacks, he thought building the technology would be the top challenge. The venture capital community proved him wrong.

More news...

Webinars

More webinars...

White Papers

  • Secure in Transmission and Secure Behind the Network

    In the past, the only discussions people had about email were focused on the never-ending inbox and the amount of time wasted filtering through it. The Snowden revelations changed all that. Suddenly,...

  • 2015 Cyberthreat Defense Report

    The Cyberthreat Defense Report began the process of looking beyond headline-grabbing breaches and the nth stage in the evolution of cyberthreats to better understand the perceptions, concerns, and...

More whitepapers...
ARTICLE Industry News: Alert Logic Launches ActiveWatch

Leading this week's industry news roundup, Alert Logic launches ActiveWatch for Log Manager, a...

Latest Tweets and Mentions

ARTICLE Industry News: Alert Logic Launches ActiveWatch

Leading this week's industry news roundup, Alert Logic launches ActiveWatch for Log Manager, a...

The ISMG Network