OCC issues computer incident notification points of contact

March 30, 2022

The OCC issued a bulletin with the designated points of contact banks must use to satisfy recently established interagency incident notification requirements, effective May 1.

Background: The final rule requires a banking organization to notify its primary federal regulator of any significant computer-security incident as soon as possible and no later than 36 hours after it determines a cyber incident has occurred.

Points of Contact: The OCC said banks may satisfy notification requirements by contacting their supervisory office or by using BankNet contact information.

ICBA Position: In a comment letter last year, ICBA expressed opposition to the rule, noting that community banks are already required to report incidents under the Gramm-Leach-Bliley Act

Interested in discussing this and other topics? Network with and learn from your peers with the app designed for community bankers. Join the conversation with ICBA Community.

NewsWatch Today Contacts

Thomas Warren

Vice President, Communications

Nicole Swann

Vice President, Communications

OCC issues computer incident notification points of contact

NewsWatch Today Contacts

Related News

FinCEN: $27B in elder financial exploitation reported by financial institutions

ICBA whitepaper explores trends in fair lending and redlining practices

CFPB reports on credit reporting violations as it considers rulemaking

CFPB monitoring use of mortgage discount points