Each depositor insured to at least $250,000 per insured bank



Home > News & Events > Press Releases




Press Releases

Joint Release Board of Governors of the Federal Reserve System
Federal Deposit Insurance Corporation
Office of the Comptroller of the Currency
Office of Thrift Supervision




Federal Bank Regulatory Agencies Jointly Issue Interagency Guidance on Response Programs for Security Breaches

For Immediate Release
FDIC-PR-26-2005
March 23, 2005

The Federal Deposit Insurance Corporation, the Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision have jointly issued Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice.

The guidance interprets the agenciesí customer information security standards and states that financial institutions should implement a response program to address security breaches involving customer information.

The response program should include procedures to notify customers about incidents of unauthorized access to customer information that could result in substantial harm or inconvenience to the customer.

The guidance provides that, "when a financial institution becomes aware of an incident of unauthorized access to sensitive customer information, the institution should conduct a reasonable investigation to promptly determine the likelihood that the information has been or will be misused."

"If the institution determines that misuse of its information about a customer has occurred or is reasonably possible, it should notify the affected customer as soon as possible," the guidance states. However, notice may be delayed if an appropriate law enforcement agency determines that notification will interfere with a criminal investigation.

Under the guidance, a financial institution should notify its primary federal regulator of a security breach involving sensitive customer information, whether or not the institution notifies its customers.

# # #

Attachment: Interagency Guidance on Response Programs for Security Breaches - PDF 550k (PDF Help)

Media Contacts
FDIC David Barr (202) 898-6992
Federal Reserve Susan K. Stawick (202) 452-2955
OCC Kevin Mukri (202) 874-5770
OTS Erin Hickman (202) 906-6677



Last Updated 3/23/2005 communications@fdic.gov