Financial institutions have to contend with myriad regulators and cyber security issues. Multiply numerous regulators by an alarming array of risks and the risk management function becomes almost impossible. The Federal Financial Institutions Examination Council (FFIEC) is working to simplify all that – or at least limit the red tape.
The FFIEC is an interagency body of the United States government. Its purpose is to promote harmony, if not uniformity, between the various financial regulators, including the Fed, the FDIC, OCC, the Credit Union Administrator, and the new Consumer Financial Protection Bureau (CFPB). In early June, the FFIEC announced the formation of a working group to promote coordination across the federal and state banking regulatory agencies on critical infrastructure and cyber security issues. Technology committees already exist within the FFIEC, but this new group is intended to help federal and state regulators march in step when it comes to managing cyber risk. It is entirely possible that the working group will be just another layer of bureaucracy, but, at this time, it appears to be an important step in creating consistency within the regulatory community in oversight of cyber security. Ideally, it should ultimately mean that institutions will only have to turn to one source to determine mandatory cyber security requirements from their various regulators. An important step in the right direction.
|This post was part of our SPOTLIGHT ON CYBER: Is Any Industry Safe?, published June 25, 2013. The feature also included these other risks:|