Search
RSS
Subscribe

Enter your email address to receive new posts in your inbox:

Delivered by FeedBurner

Share

Like what you see? Share!

Our Attorneys
Twitter
Twitter

Entries in Cybersecurity (7)

Thursday
Apr062017

Upcoming Event: Hot Compliance Topics in a Cyber World

On May 3, Susan Bryant of Verrill Dana, LLP will present a session entitled "Hot Compliance Topics in a Cyber World" at the Maine Bankers Association Trust & Wealth Management Conference at the Harraseeket Inn in Freeport, Maine.  

In this presentation, Susan will cover issues that currently concern regulators and how to build a compliance program to address such issues as cybersecurity, risk management, working with third parties, privacy/confidentiality, the Volcker Rule, fraud prevention, and the new anti-money laundering rule. Susan will also cover the requirements of an adequate compliance program, from adopting written policies and procedures to establishing controls and reporting to senior management.

Susan Bryant is a member of Verrill Dana’s Securities Law Group and the firm’s Business Law Group.  Susan is based in Portland, Maine and Westport, CT.

Learn more and register for the conference online here.

Monday
Jan232017

2017 Maine Legislature to Take Up Bills Impacting Banking, Business, and State Budget

On Friday, January 6, Maine Governor Paul LePage released his biennial general fund budget for 2018-19. Three days later, on Monday, January 9, the Maine Legislature made available its list of proposed bill titles for the first regular session of the 128th Maine Legislature. And, in the world of banking, there are a range of proposed bills likely to affect the financial services industry that we expect to come forward.

Click to read more ...

Friday
Oct212016

Federal Bank Regulators Seek Comments on "Enhanced" Cybersecurity Rules

Just one day after the Federal Financial Institutions Examination Council issued FAQs to help financial institutions utilize FFIEC’s Cybersecurity Assessment Tool, three federal banking regulators issued an Advance Notice of Proposed Rulemaking regarding “Enhanced Cyber Risk Management Standards.”

The rulemaking notice was issued on October 19, 201 by the Federal Reserve Board, the FDIC, and the OCC.  A copy of the notice can be found here

As proposed, the enhanced cybersecurity rules would not apply to community banks, but would apply to any of the following institutions as well as third parties who provide services to these institutions:  (1) depository institution and depository institution holding companies with assets of $50 billion or more; (2) US operations of foreign banking organizations with US assets of $50 billion or more; and (3) financial market infrastructure companies and nonbank financial companies supervised by the Federal Reserve Board.  These institutions were identified to the extent they provide “key functionality to the financial sector.”

The enhanced rules are being considered based on the reality that technology dependence is growing and the US financial sector is becoming more interdependent. As such, a cybersecurity induced failure of one major institution could impact the safety and soundness of other institutions.

The enhanced rules would fall within five different categories: (1) cyber risk governance; (2) cyber risk management; (3) internal dependency management; (4) external dependency management; and (5) incident response, cyber resilience, and situational awareness.  The proposed rulemaking includes 36 questions across the foregoing categories for which comments are being sought.

Comments are due January 17, 2017.

Friday
Oct212016

Know Your Risks: FFIEC issues FAQs on its Cybersecurity Assessment Tool

On October 18, 2016, the Federal Financial Institutions Examination Council published a set of Frequently Asked Questions to help financial institutions utilize the Council’s Cybersecurity Assessment Tool.  The FAQs were announced as part of FIL-68-2016.

The Cybersecurity Assessment Tool is a voluntary process designed to help the management of financial institutions measure their cybersecurity risks and their ability to respond to a threat.  The Tool was issued in June of 2015.

The FAQs address questions such as:

  • Why did the FFIEC release the Assessment?  A. To help institutions develop a “measurable” and “repeatable” mechanism to address the growing cybersecurity threats;
  • How does the Assessment align with the NIST Cybersecurity Framework?  A. The Assessment was developed using this framework along with the FFIEC IT Examination Handbook and “industry accepted cybersecurity practices.”
  • Will the FFIEC release an automated version of the Assessment.  A. Not at this time.
  • Can the Assessment be used as part of my institutions’ oversight of third parties?  A. Yes.
  • Does the FFIEC plan to update the assessment?  A.  Yes, as threats and risks evolve.

The FAQ’s are available here, and the Assessment Tool is available here.

Monday
Dec072015

Top 5 Priorities of Maine Banking Industry for 2016

In a November 2015 interview with MaineBiz news magazine, Maine Bankers Association President Chris Pinkham listed the top five issues that he believed were priorities for Maine’s banking industry.  His list includes, in order:

  1. Addressing cybersecurity and fraud issues with the EMV chip.  Pinkham cautioned that chip technology is encrypted, but transactions on the Internet remain at risk.  He also noted that customers still needed to check their statements; merchants needed to install the right equipment; and card manufacturers needed to “beef up” production to get the cards out there.
  2. The growth of residential mortgage closing documents as a result of the integration of Truth in Lending and Real Estate Settlement Procedures Act disclosures. Pinkham noted that the closing package had grown from 105 pages to 120 pages as a result.
  3. Regulatory relief was needed for small banks that are less complex. Pinkham also suggested ways to reduce the frequency with which privacy notices are sent to customers.
  4. Encouraging more partnerships between banks and the community, including efforts to reduce elder financial fraud.  Pinkham pointed to a new “Senior Safe” program that had trained 125 tellers to better identify instances of fraud, and an 800-number to report.
  5. Addressing student loan debt.  The weight of student loan debt is hurting families, and he encouraged policies that allowed for the consolidation of student debt or other incentives for Maine graduates to stay and work in Maine.

The full article from MaineBiz, published November 30, 2015, can be found here.