Since October is National Cybersecurity Awareness Month, FinCEN and OFAC have published advisories aiming to increase cybersecurity awareness and aid institutions in responding and reporting incidents. The FinCEN Advisory – Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments The advisory provides information on: (1) the role of financial intermediaries… Read More »
The FFIEC released an update the the Cybersecurity Assessment Tool. This update to the Assessment addresses changes to the FFIEC IT Examination Handbook by providing a revised mapping in Appendix A to the updated Information Security and Management booklets. The updated Assessment will also provide additional response options, allowing financial institution management to include supplementary… Read More »
On March 24, the DCU published bulletin B-17-09 regarding the NASCUS Cybersecurity Symposium June 5-6 in San Diego, CA. The bulletin is reprinted below. NASCUS Cybersecurity Symposium, June 5-6, 2017 Make plans to attend the NASCUS Cybersecurity Symposium San Diego, CA Division of Credit Unions (DCU) encourages credit unions to continue training on cybersecurity. While… Read More »
On October 25, 2016, FinCEN released FIN-2016-A005, Advisory to Financial Institutions on Cyber-Events and Cyber-Enabled Crime. It serves as a refresher of the credit union’s SAR filing obligations when encountering cyber-events. A financial institution is required to report a suspicious transaction conducted or attempted by, at, or through the institution that involves or aggregates to… Read More »
The FFIEC released a Frequently Asked Questions Guide related to the Cybersecurity Assessment Tool (CAT). The FFIEC published the Cybersecurity Assessment Tool in June of 2015 as a voluntary tool to help financial institutions’ management identify risk and determine their cybersecurity preparedness. The CAT provides a repeatable and measurable process that financial institutions may use… Read More »
The Federal Financial Institutions Examination Council (FFIEC) has revised the “Information Security” booklet of the FFIEC Information Technology Examination Handbook (IT Handbook). The “Information Security” booklet is one of 11 that make up the IT Handbook. The revised “Information Security” booklet provides guidance to examiners and addresses factors necessary to assess the level of security risks to… Read More »
The Federal Financial Institutions Examination Council (FFIEC) members today advised financial institutions, consistent with existing regulatory expectations, to actively manage the risks associated with interbank messaging and wholesale payment networks. In a statement, the FFIEC also stressed that financial institutions should review risk-management practices and controls related to information technology systems and wholesale payment networks,… Read More »
On December 18, 2015, Congress passed and President Obama signed into law the Cybersecurity Information Sharing Act of 2015, which is designed to increase cybersecurity information sharing between the private sector and the Federal Government. The Act provides various protections to non-federal entities that share cyber threat indicators or defensive measures with the Federal Government…. Read More »
The FDIC’s Winter 2015 Supervisory Insights includes an article on framework for cybersecurity. With cybersecurity being a focus for both the NCUA and the DFI in 2016 exams, along with the risks associated with cyber threats, the article is a good read for credit unions (even if it is published by the competition). The article… Read More »
Compliance Services Group Copyright 2026.© All Rights Reserved | Privacy Policy
No Legal Advice Intended
The information on this website is provided as a service to our clients and visitors. The contents of this website, and the posting and viewing of the information on this website may convey information that can be characterized as “law related services” as defined by Rule 5.7 of the Rules of Professional Conduct (“RPC”) governing lawyers, but should not be construed as, and is not intended to be legal services, legal advice, or forming a client-lawyer relationship. Since CSG is not engaged in the practice of law, neither our services nor our relationship will be governed by the RPCs governing lawyers including, but not limited to, specific RPC rules applicable to privileged communications and prohibitions of conflicts of interest. While CSG uses reasonable efforts to include accurate, up-to-date information on this website, CSG makes no warranties or representations as to its accuracy and assumes no liability or responsibility for any errors or omissions in the content of this website or any third-party websites accessed through links from this website.
Formal Agreement Required for Services
You cannot engage CSG to render services for you through e-mail. CSG is not committed to provide services of any kind to you unless a formal services agreement has been executed by both you and CSG. CSG makes no commitment to you to maintain the confidentiality of any e-mail you send to us nor to respond to any e-mail.
Copyrights
Except for information in the public domain, or whether other ownership is acknowledged, CSG owns the copyright to this web site and all of its content. You may not copy or distribute materials from this web site except for personal, noncommercial use.
Links
Links provided by this web site are to assist our clients and visitors in identifying other useful resources and are not intended to state or imply that CSG sponsors or is associated with these resources or endorses or recommends any of the third party information, products, or services found there.