Request A Consultation

FFIEC sets the standard for cybersecurity compliance of federally supervised financial institutions

The digital modernization of banking and finance brought about accessibility and convenience but introduced increased risk for cyber attacks on financial data and systems as well as third-party providers servicing these industries.

The Federal Financial Institutions Examination Council (FFIEC) is an interagency body composed of five regulatory agencies: the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), Office of the Comptroller of the Currency (OCC), the Consumer Financial Protection Bureau (CFFP), and the State Liaison Committee (SLC).

As risks to digitized financial data increased, FFIEC members began taking steps to raise awareness in the financial industry of the inevitably of cybersecurity attacks and the necessity of identifying, assessing, and mitigating these risks. To this end, in 2013, the FFIEC created a Cybersecurity and Critical Infrastructure Working Group.

Eagle Gargoyle on Federal Building
Federal reserve building, Washington DC. USA.

The Council began assessing and enhancing the state of the financial industry’s preparedness and identifying and addressing gaps in regulators’ examination procedures and training to strengthen their oversight of  the industry’s cybersecurity readiness.  It also developed a Cybersecurity Assessment Tool to help institutions identify their risks and vulnerabilities and assess and determine their cybersecurity preparedness. For examiners, the FFIEC developed the IT Examination Handbook, a set of guidelines they can use to determine if financial institutions are meeting the highest standards of cybersecurity controls and preparedness.

Speak With a CISO Global Security Specialist Today

Our experts maintain the most respected credentials in
the industry across cybersecurity, risk and compliance,
forensics, incident response, ethical hacking, security engineering, and more.

Cybersecurity expert managing CISO Global's security operations center