Federal regulators have been encouraging financial institutions to share information about known cyber incidents for years. Now banks and their third-party service providers have until May 1, 2022, to comply with the new rule requiring prompt regulator notification in the event of a cyber incident. How to Respond When a
Ten years ago, few people could have imagined that one of the greatest operational and data security threats to financial institutions would be extortionists holding data hostage. Yet that’s exactly what’s happening today with ransomware. The banking industry has become a massive ransomware target—and the threat is
Compliance management is a never-ending job. As soon as one regulation is implemented or training or testing is completed, another one immediately takes its place. It can be overwhelming, but there are ways to lighten your compliance management workload while still staying compliant and on task. Here are four tips.
When it comes to compliance, there is a good reason for three lines of defense. They ensure that a bank’s lending compliance management system (CMS) is effectively guarding the bank against unnecessary risk. The First Line of Defense: EmployeesThe first line of defense is the business. From the back
Earlier this year the Office of the Comptroller of the Currency hit Morgan Stanley with a $60 million civil money penalty for faulty vendor management practices that potentially exposed sensitive customer data. The bank also faces seven class-action lawsuits accusing it of negligence. What went wrong and how do you
If there has ever been a year for contingency plans, 2020 is it. Many financial institutions have activated their business continuity plans (BCP) due to the COVID-19 pandemic. Now as hurricanes, wildfires, and other natural disasters disrupt business further, FIs are finding themselves activating a second BCP on top of
Did one of your third-party vendors need Paycheck Protection Program (PPP) funds? This is the question everyone is asking since the Small Business Administration (SBA) released the list of businesses that took PPP loans. (The Washington Post’s PPP searchable database includes companies that borrowed more than $150,000.) As