Financial Institutions Council Publishes Statement On Hacker Extortion

King & Spalding
Contact

Amid the recent increase in hacker extortion cases, the Federal Financial Institutions Examination Council (“FFIEC”) issued a statement on November 3 (the “Statement”) describing steps financial institutions should take to mitigate the risks posed by such hacker attacks.  The FFIEC, empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions, did not create any new regulatory expectations in the Statement, which is intended instead to alert financial institutions to specific threats associated with cyber-attacks involving extortion. 

The FFIEC reminded regulated financial institutions regarding prior FFIEC guidance on measures that should be taken to mitigate hacker risks.  In addition to bolstering IT security and monitoring, the FFIEC recommends that financial institutions participate in industry information-sharing forums in order to keep abreast of evolving hacker threats.  The Statement encourages institutions victimized by a cyber-attack to contact law enforcement authorities and to notify their primary regulators.  When an attack results in unauthorized access to sensitive customer information, the institution has responsibility to notify its federal and state regulators under interagency guidelines implementing the Gramm-Leach-Bliley Act and may also be required or elect to file a Suspicious Activity Report.

A copy of the Statement is available here

Reporter, Rob Keenan, Atlanta, +1 404 572 3591, rkeenan@kslaw.com.

Written by:

King & Spalding
Contact
more
less

King & Spalding on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.