Skip Header
U.S. flag

An official website of the United States government

Financial Institution Letters

April 2, 2014

ATM and Card Authorization Systems

Printable Format:

FIL-10-2014 - PDF (PDF Help)


The FDIC, as a member of the Federal Financial Institutions Examination Council (FFIEC), is issuing the attached statement describing risks related to recent cyber-attacks on automated teller machines (ATMs) and card authorization systems that have resulted in large dollar frauds. These attacks are known as Unlimited Operations.

The FDIC expects financial institutions to take steps to address this threat by reviewing the adequacy of their controls over their information technology (IT) networks, card issuer authorization systems, systems that manage ATM parameters, and fraud detection and response processes.

Statement of Applicability to Institutions with Less than $1 Billion in Total Assets: This Financial Institution Letter (FIL) applies to all FDIC-supervised institutions.


Suggested Distribution:

Suggested Routing:




FDIC Financial Institution Letters (FILs) may be accessed from the FDIC's Web site at

To receive FILs electronically, please visit

Paper copies may be obtained through the FDIC's Public Information Center, 3501 Fairfax Drive, E-1002, Arlington, VA 22226 (1-877-275-3342 or 703-562-2200).