Computer-Security Incident Notification Final Rule

The Federal Deposit Insurance Corporation (FDIC), the Board of Governors of the Federal Reserve System (Board), and the Office of the Comptroller of the Currency (OCC) (collectively, the agencies) have issued a joint final rule to establish computer-security incident notification requirements for banking organizations and their bank service providers.

The rule will provide the agencies with early awareness of emerging threats to banking organizations and the broader financial system, including potentially systemic cyber events.

A copy of the Final Rule can be found on the FDIC’s website.

Statement of Applicability: This Financial Institution Letter (FIL) applies to all FDIC-supervised institutions.

Highlights:

Distribution:

Suggested Routing:

Chief Information Officer
Chief Information Security Officer
Chief Operating Officer
Chief Risk Officer
Chief Technology Officer