Skip to main content
U.S. flag
An official website of the United States government
Dot gov
The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
Https
The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
Press Release
Agencies Propose Requirement for Computer Security Incident Notification
December 18, 2020
Joint Release

Board of Governors of the Federal Reserve System

Federal Deposit Insurance Corporation

Office of the Comptroller of the Currency

FOR IMMEDIATE RELEASE

Federal financial regulatory agencies today announced a proposal that would require supervised banking organizations to promptly notify their primary federal regulator in the event of a computer security incident. In particular, alerts would be required for incidents that could result in a banking organization’s inability to deliver services to a material portion of its customer base, jeopardize the viability of key operations of a banking organization, or impact the stability of the financial sector.

The proposed rule is intended to provide the agencies with an early warning of significant computer security incidents and would require notification as soon as possible and no later than 36 hours after a banking organization determines that an incident has occurred.

In addition, the proposal would require service providers to notify affected banking organizations immediately when the service provider experiences computer security incidents that materially disrupt, degrade, or impair certain services they provide.

Comments on the proposal must be received within 90 days of its publication in the Federal Register .

PR-141-2020
Attachments
Last Updated: December 18, 2020