Welcome to BankInfoSecurity's FFIEC Guidance Resource Center!

FFIEC

The latest news, views and education on the Federal Financial Institutions Examination Council's latest guidance on the risks and risk management controls necessary to authenticate services in an Internet banking environment.

The Latest News

  • FFIEC to Prepare New Cyber-Risk Policy

    Regulators Reveal More Cybersecurity Initiatives FFIEC to Prepare New Cyber-Risk Policy

    The FFIEC says it's taking several additional steps, including updating and supplementing its Information Technology Examination Handbook, to help banking institutions enhance their cybersecurity risk preparedness. Find out the details. Read more...

  • Fed, State Regulators: Reform Is Needed

    OCC, NY DFS Call for Better Standards, Info Sharing Fed, State Regulators: Reform Is Needed
    Thomas Curry and Benjamin Lawsky

    Banking institutions' technical and procedural shortcomings pose increasing risks to the nation's critical infrastructure, two banking regulators note. Learn why they say more transaction monitoring and information sharing are needed. Read more...

  • Regulator Hints at New Cyber Guidance

    OCC Deputy Pushes for Collaboration Between Merchants, Banks Regulator Hints at New Cyber Guidance
    Beth Dugan, the OCC's Deputy Comptroller for Market Risk

    On the heels of the FFIEC's new business continuity guidelines, Deputy Comptroller Beth Dugan hints that new guidance related to cybersecurity risks affecting payments and mobile transactions may be coming. Read more...

  • FFIEC Issues Cyber-Resilience Guidance

    Regulators Outline Cyberthreats to Business Continuity FFIEC Issues Cyber-Resilience Guidance

    New business continuity guidelines from the Federal Financial Institutions Examination Council paint a more detailed picture of the cybersecurity initiatives banks and credit unions will be asked about during upcoming IT examinations. Read more...

  • Article

    Cloud Security Certification Launched

    Designed to Measure Advanced Competence By Geetha Nandikotkur
    Cloud Security Certification Launched

    (ISC)² and the Cloud Security Alliance have unveiled a new cloud security professional certification designed to measure advanced competence. Will training for the certification help professionals gain a better understanding of cloud security?

  • Article

    OCC Expands on Third-Party Cyber-Risks

    Director Offers Review of New Cyber-Resiliency Guidance By Tracy Kitten
    OCC Expands on Third-Party Cyber-Risks

    Kevin Greenfield, director of bank IT for the Office of the Comptroller of the Currency, says FFIEC agencies are working to help financial institutions shore up cybersecurity, and a big focus for regulators is third-party risks.

  • Article

    Agency Takes Responsibility for Breach

    Regulator to Pay $50,000 for Related Expenses By Tracy Kitten
    Agency Takes Responsibility for Breach

    Weeks after confirming its review of a data breach that occurred during a routine regulatory exam, a financial regulatory agency now says it will pay $50,000 to help cover the affected institution's breach-related expenses.

  • Blog

    Banking Malware Poses New Threats

    Early Detection Is Critical for Fraud Prevention By Marco Morana
    Banking Malware Poses New Threats

    Emerging malware increasingly puts banks and their customers at risk for fraud. The sooner malware is detected and removed, the less likely banks are to suffer regulatory penalties and fines, and steep losses linked to fraud.

  • Article

    Cyber Attacks: The Internal Threat

    Fortinet Exec Says Businesses Must Secure Networks from the Inside Out By Tracy Kitten
    Cyber Attacks: The Internal Threat

    Not all threat intelligence is created equally, says Fortinet's John Maddison. And it's not just external threats organizations should be most concerned about. Why more businesses need to focus on inside-out security.

More news...

Webinars

More webinars...

White Papers

More whitepapers...
ARTICLE FFIEC to Prepare New Cyber-Risk Policy

The FFIEC says it's taking several additional steps, including updating and supplementing its...

Latest Tweets and Mentions

ARTICLE FFIEC to Prepare New Cyber-Risk Policy

The FFIEC says it's taking several additional steps, including updating and supplementing its...

The ISMG Network