Risk Management

Sound Practices for Operational Resilience Released by US Banking Regulators

By Rajesh De, Jeffrey P. Taft, David A. Simon, Megan S. Webster, J. Paul Forrester & Matthew Bisanz on November 5, 2020

Posted in Breaches & Incident Response, Cybersecurity, Financial Services

On October 30, 2020, the US federal banking regulators¹ issued guidance on sound practices for the largest US banking organizations to strengthen their operational resilience, including with respect to cyber risk management (the “Guidance”).² Operational resilience is an organization’s ability to prepare for, adapt to, withstand, and recover from disruptions and to continue…

Information Technology Examination Handbook for U.S. Financial Institutions Updated

By Rajesh De, Jeffrey P. Taft, Stephen Lilley & Matthew Bisanz on November 30, 2015

Posted in Cybersecurity, Government Agency Update / Notice, United States

The members of the Federal Financial Institutions Examination Council (“FFIEC”) have released an update to the Management section of the Information Technology Examination Handbook (the “Handbook”).¹ While the Handbook is written for examiners at the U.S. federal banking agencies and for the financial institutions subject to examination, it contains helpful guidance for other entities…