Compliance Management

Gaps found in FDIC regulation of banks’ cyber risk

Share

Significant gaps have been discovered in the Federal Deposit Insurance Corporation's IT and cyber risk assessment program InTREx by the agency's Office of the Inspector General, CyberScoop reports. While the FDIC has been tasked to monitor U.S. banks, the agency has been using outdated information from its InTREx, while some tests are not being completed by some of its examiners, according to a report from the FDIC's OIG. Aside from FDIC staffers lacking awareness of the latest cybersecurity updates, its examiners were also not given any training on InTREX procedures and processes, resulting in the elevated prevalence of failed exam work paper filings. Nineteen recommendations have been given by the FDIC OIG in its report, with the agency stating that it will be completing 14 of the recommendations by year-end. However, the FDIC has been noted by its watchdog to be not doing enough in addressing the five other concerns named in its report.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.