Senator seeks coordination on federal cybersecurity exams

March 7, 2016 -- Federal regulators need to “take the initiative and to increase the coordination of cybersecurity examinations,” a member of the Senate Banking Committee has written to the chairs of two federal regulatory umbrella groups.

Sen. Dean Heller, R-Nevada, wrote in a March 4 letter to the chairs of the Financial Stability Oversight Council (FSOC) and Federal Financial Institutions Examination Council (FFIEC) urging them to ensure a “consistent cybersecurity examination approach that does not waste precious time or valuable resources” and that could “better be used in the ongoing defense against cybercriminals.”

Heller also noted that, under current regulatory practices, one financial institution may be subject to cybersecurity-related examinations or information requests from multiple regulators, but asserted that little to no coordination among regulators exists, resulting in unnecessary duplication of efforts. “When firms are required to adhere to a new set of regulatory requirements each time a different financial regulator undertakes a cybersecurity-related exam, or when firms are constantly spending time educating regulators about practices that should be commonly understood, critical resources are diverted away from the task of defending against cybercriminals,” he wrote to Treasury Secretary Jack Lew (chairman of FSOC) and Fed Governor Daniel Tarullo (chairman of the FFIEC).

The Nevada senator requested that FSOC and FFIEC provide a detailed response to his letter, including steps and plans the groups can take to increase cybersecurity exam coordination.

NASCUS and CUNA sponsor the annual Cybersecurity Symposium, scheduled this year for Aug. 1-2 in Chicago. The symposium – now in its third year – features participation by state credit union regulators, NCUA and review of tools offered by the FFIEC (such as the FFIEC’s cybersecurity assessment tool).

2016 Cybersecurity Symposium