December 4, 2022

Volume XII, Number 338

Advertisement

December 02, 2022

Subscribe to Latest Legal News and Analysis

December 01, 2022

Subscribe to Latest Legal News and Analysis

Bank Regulators Adopt Rule Requiring Prompt Notification of Cyber Incidents

The OCC, FDIC and Federal Reserve Board adopted a final rule to improve information sharing regarding cyber incidents impacting the U.S. banking system.

The rule requires banking organizations to notify their primary federal regulator of "any significant computer-security incident" no later than 36 hours after a determination is made that a cyber incident occurred. According to the interagency release, this will help the banking regulators address threats before they become systemic. Notification is required for incidents that have either materially affected or are likely to materially affect (i) the "viability" of a banking organization's operations or ability to provide products and services, or (ii) the overall stability of the financial sector. In addition, the rule requires a bank service provider to notify banking organization customers when a computer-security incident occurs that "has caused, or is reasonably likely to cause, a material service disruption or degradation for four or more hours."

In a public statement, FDIC Chairman Jelena McWilliams said that the final rule addresses a "gap in timely notification to the banking agencies of the most significant computer-security incidents affecting banking organizations, allowing the FDIC and our fellow banking supervisors to be better positioned to understand and to respond to cybersecurity threats across the banking sector." Ms. McWilliams added that through the interagency rulemaking, several changes were made to the proposed rule to resolve concerns with regards to the over-reporting of incidents.

The effective date of the rule is April 1, 2022; compliance is required by May 1, 2022.

© Copyright 2022 Cadwalader, Wickersham & Taft LLPNational Law Review, Volume XI, Number 323
Advertisement
Advertisement
Advertisement

About this Author

At Cadwalader, Wickersham & Taft LLP, we put over 225 years of legal experience and innovation to work for you today. As one of the world's most prominent financial services law firms, we have long-standing client relationships with premier financial institutions, funds, Fortune 500 companies and other leading corporations, and individual private clients. We have earned a reputation for crafting innovative business and financial solutions and developing precedent-setting legal strategies to achieve our clients' goals. The result is simple: We stand out from...

212-504-6000
Advertisement
Advertisement
Advertisement