On June 11, 2018, the Financial Services Information Sharing and Analysis Center (“FS-ISAC”) announced the launch of the CERES Forum, an information sharing initiative for central banks, regulators, and supervisors designed to strengthen responses to cyber and physical threats. The new forum will become operational on July 1, 2018. Although FS-ISAC primarily comprises private financial … Continue Reading
Blockchain is a powerful innovation that is poised to bring substantial positive change to the financial services industry as well as many other industries. Despite such promise, blockchain, like any emerging financial services technology, must be evaluated from the perspective of cybersecurity risk – both to an individual financial institution and to the broader and … Continue Reading
On February 21, 2018, the U.S. Securities and Exchange Commission (the “Commission”) approved a statement and interpretive guidance that provides the Commission’s views on a public company’s disclosure obligations concerning cybersecurity risks and incidents (the “2018 Commission Guidance”). This guidance reinforces and expands upon previous cybersecurity disclosure guidance issued by the Division of Corporation Finance … Continue Reading
On September 6, 2017, the Federal Reserve System (“FRS”) published a paper that identifies updated strategies and tactics for improving the U.S. payments system. The paper, entitled Strategies for Improving the U.S. Payment System: Federal Reserve Next Steps in the Payments Improvement Journey, refines the strategies set forth in a previous FRS paper, Strategies for … Continue Reading
On March 24, 2017, Treasury Secretary Steven Mnuchin gave a speech in which he identified cybersecurity as his primary concern regarding the financial sector. Secretary Mnuchin said in his remarks that ensuring a “safe and sound financial sector” requires cooperation and investment among the various financial regulators. The Secretary emphasized that he wants regulatory agencies … Continue Reading
See our sister blog, Inside Privacy, for updates on the New York State Department of Financial Services’ proposed cybersecurity regulation.… Continue Reading
On October 25, 2016, the Financial Crimes Enforcement Network (FinCEN) issued an Advisory to financial institutions to (i) clarify reporting requirements under the Bank Secrecy Act (BSA) for filing Suspicious Activity Reports (SARs) on cyber-attacks and cyber-enabled crimes, (ii) note what information financial institutions should include in such reports, and (iii) encourage financial institutions to share … Continue Reading
On October 19, 2016, the Board of Governors of the Federal Reserve System, Office of the Comptroller of the Currency, and Federal Deposit Insurance Corporation released a joint Advance Notice of Proposed Rulemaking (ANPR) requesting public comment on enhanced cybersecurity standards that would apply to certain large, interconnected financial entities as well as the third … Continue Reading
