Home      Login


The Banking Agencies’ Final Rule on Computer-Security Incident Notification Requirements  


Author:  Avi Gesser.; Johanna Skrzypczyk.; Michael R. Roberts.; Courtney Bradford Pike.; Andres Gutierrez.


Source: Volume 38, Number 05, May 2022 , pp.35-42(8)




Review of Banking & Financial Services

next article > |return to table of contents

Abstract: 

Responding to the increasing frequency and severity of cyberattacks on the financial services industry, the federal banking agencies have issued a final rule regarding required notifications of such attacks. The authors discuss the rule in detail, beginning with the Agencies’ stated goals and key definitions in the rule. They then turn to updating incident response plans for compliance, incident notification requirements, and issues surrounding service provider contacts and contracts.

Keywords: Final Rule on Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers

Affiliations:  1: Debevoise & Plimpton LLP; 2: Debevoise; 3: Debevoise; 4: Debevoise; 5: Debevoise.

Subscribers click here to open full text in PDF.
Non-subscribers click here to purchase this article. $60

next article > |return to table of contents