Enter your email address to receive new posts in your inbox:

Delivered by FeedBurner


Like what you see? Share!

Our Attorneys

Entries in FDIC (23)


Federal Bank Regulators Seek Comments on "Enhanced" Cybersecurity Rules

Just one day after the Federal Financial Institutions Examination Council issued FAQs to help financial institutions utilize FFIEC’s Cybersecurity Assessment Tool, three federal banking regulators issued an Advance Notice of Proposed Rulemaking regarding “Enhanced Cyber Risk Management Standards.”

The rulemaking notice was issued on October 19, 201 by the Federal Reserve Board, the FDIC, and the OCC.  A copy of the notice can be found here

As proposed, the enhanced cybersecurity rules would not apply to community banks, but would apply to any of the following institutions as well as third parties who provide services to these institutions:  (1) depository institution and depository institution holding companies with assets of $50 billion or more; (2) US operations of foreign banking organizations with US assets of $50 billion or more; and (3) financial market infrastructure companies and nonbank financial companies supervised by the Federal Reserve Board.  These institutions were identified to the extent they provide “key functionality to the financial sector.”

The enhanced rules are being considered based on the reality that technology dependence is growing and the US financial sector is becoming more interdependent. As such, a cybersecurity induced failure of one major institution could impact the safety and soundness of other institutions.

The enhanced rules would fall within five different categories: (1) cyber risk governance; (2) cyber risk management; (3) internal dependency management; (4) external dependency management; and (5) incident response, cyber resilience, and situational awareness.  The proposed rulemaking includes 36 questions across the foregoing categories for which comments are being sought.

Comments are due January 17, 2017.


Financial Institutions . . . In the News

  •  Home sales rose in Maine in March, both in numbers of homes sold and in higher prices.  (PPH 4.20.2016)
  • The Federal Deposit Insurance Corporation (FDIC) rated Machias Savings Bank “outstanding” on its recent Community Reinvestment Act (CRA) Performance Evaluation.  (Mount Desert Islander 4.23.2016)
  • A class action suit against TD Bank’s coin-counting machines claims the Penny Arcades short-changed customers.  (My Central Jersey 4.29.2016)
  • Lake Sunapee Bank Group bought by Bar Harbor Bank for 142 million.  (Central Maine 5.5.2016)
  • J.D. Power and Associates awards Bangor Savings Bank for the second year in a row,  the highest score in New England among qualifying institutions on its 2016 Retail Banking Satisfaction Study.  (Mainebiz 5.6.2016)



Financial Institutions . . . In the News

  • February marks lowest unemployment rate in 15 years at 3.6 percent. (Sun Journal 3.25.2016)
  • Fake paychecks are being cashed in Franklin, Androscoggin, and Oxford Counties leaving businesses with financial losses.  (WGME 3.28.2016)
  • North American Securities Administrators Association’s (NASAA) program Senior$afe, a program to identify and report financial elder abuse, will be available to its members in April. (Investment News 3.30.2016)
  • Banks facing unsteady time between bad energy loans and new FDIC regulations.  (PPH 4.14.2016)

Cyber-security: FDIC Issues Warning on “Shellshock” and “Bash”

On September 29, 2014, the FDIC, on behalf of the Federal Financial Institutions Examination Council, issued an alert to banks on recently discovered material vulnerabilities in the security of the GNU Bourne-again shell system software -- nicknamed “Bash” -- commonly used by bank servers and computers. Researchers reported the newly discovered vulnerability -- nicknamed “Shellshock” -- in Bash versions 1.14 through 4.3 on September 24, 2014.

Click to read more ...


FDIC: Banks can consult with FDIC staff instead of hiring consultants

The Summer 2014 edition of the FDICs Supervisory Insights Journal is now out. This edition includes two articles: (1) an article advising banks on how to meet regulatory expectations without outside consultants; and (2) an article summarizing common risks to banks as identified through FDIC examinations. The Journal concludes with a Regulatory and Supervisory Roundup listing recent Dodd-Frank rulemakings, FAQs, seminar listings, and operational guidance.

Click to read more ...