U.S. Banking Regulators Respond to Rep. Maloney Inquiry on Banking Security
"I appreciate the regulators' response to my inquiry and am encouraged by the initial steps they have taken in response to the recent cyber attacks involving the SWIFT international payment system. However, as recent hacks demonstrate, our cybersecurity is only as strong as our weakest link. I remain concerned about the potential for future attacks and will be asking for regular updates from our banking regulators on the steps being taken address the risks that these cyber attacks pose to the safety and soundness of
In their letter, the agencies described a series of actions that they've taken, both individually and collectively, in response to the cyber attacks, including:
* Sending internal alerts to their examiners on the cyber attacks, with instructions for examiners to conduct expanded reviews of cyber controls for banks that are members of SWIFT, similar to the cybersecurity review ordered by the
* Issuing a joint statement, Cybersecurity of Interbank Messaging Payment Networks, urging
* Monitoring SWIFT's response to the cyber attacks.
Additional Background
In March,
Full text of the letter sent by the regulators can be found below and a PDF can be found here.
Dear Ranking Member Maloney:
Thank you for your letter of
The agencies have taken a number of steps to address information security concerns related to the SWIFT messaging network. In coordination with the
Risk management practices and controls also are set forth in the
In addition to the joint statement, each of the agencies is taking steps to reinforce with examiners key controls and risk management practices that should be incorporated in supervision activities. Many of the largest and most critical institutions to the
The
The OCC is drafting specific guidance for examiners on interbank messaging and wholesale payment systems risk management. This guidance provides examiners with specific information on key controls and risk management practices that should be assessed as part of supervisory oversight activities and references the existing supervisory standards and tools for examining interbank messaging and wholesale payment systems. As part of ongoing supervision activities, the OCC's onsite examination teams regularly address emerging issues, such as the recent reports of cyber-attacks involving SWIFT.
The
Finally, as a general matter, the agencies are continuing to heighten our focus on cybersecurity risks and controls for
Thank you again for your letter and your interest in ensuring continued vigilance to protect the nation's financial system from harmful cyber-attacks.
Sincerely,
[1] The
[2] See: https://www.ffiec.gov/press/pr060716.htm
[3] Financial institutions are also subject to any applicable state laws incorporating the requirements of Ankle 4A of the Uniform Commercial Code, which governs funds transfers.
[4] For additional information about SWIFT oversight, see: https://www.swift.com/about-us/organisation-governance/oversight
[5] "Financial market utilities (FMUs) are multilateral systems that provide the infrastructure for transferring, clearing, and settling payments, securities, and other financial transactions among financial institutions or between financial institutions and the system." https://www.federalreserve.gov/paymentsystems/designated_fmu_about.htm
Read this original document at: http://maloney.house.gov/media-center/press-releases/us-banking-regulators-respond-to-rep-maloney-inquiry-on-banking-security
Advisor News
Annuity News
Health/Employee Benefits News
Life Insurance News