Featured Product

    US Agencies Finalize Rule on Security Incident Reporting

    November 18, 2021

    US Agencies decided to terminate the temporary supervisory and enforcement flexibility that was announced for the mortgage servicing rule in April 2020, amid the COVID-19 pandemic. These agencies are Board of Governors of the Federal Reserve System (FED), Consumer Financial Protection Bureau (CFPB), Federal Deposit Insurance Corporation (FDIC), National Credit Union Administration (NCUA), Office of the Comptroller of the Currency (OCC), and the state financial regulators. Additionally, FDIC, FED, and OCC approved a final rule that requires a banking organization to notify its primary federal regulator of any “computer-security incident” that rises to the level of a notification incident. The final rule takes effect on April 01, 2022, with full compliance extended to May 01, 2022.

    The final rule on security incident notification requires a banking organization to notify its primary federal regulator of any significant computer-security incident as soon as possible and no later than 36 hours after the banking organization determines that a cyber incident has occurred. The rule defines computer-security incident as an occurrence that results in actual harm to the confidentiality, integrity, or availability of an information system or the information that the system processes, stores, or transmits. Notification is required for incidents that have materially affected—or are reasonably likely to materially affect—the viability of a banking organization's operations, its ability to deliver banking products and services, or the stability of the financial sector. The final rule also requires a bank service provider to notify the affected banking organization customers as soon as possible when the provider determines that it has experienced a computer-security incident that has materially affected or is reasonably likely to materially affect banking organization customers for four or more hours.

    With respect to the Joint Statement on mortgage servicing rules, in April 2020, the US Agencies (including CFPB, FDIC, FED, NCUA, OCC) had announced that, until further notice, they would not take supervisory or enforcement action against mortgage servicers for failing to meet certain timing requirements under the mortgage servicing rules as long as the servicers made good faith efforts to provide those required notices or disclosures and took the related actions within a reasonable period of time. More than 18 months have passed since issuance of the April 2020 Joint Statement. While the COVID-19 pandemic continues to affect consumers and mortgage servicers, the US Agencies believe the temporary flexibility described in the April 2020 Joint Statement is no longer necessary because servicers have had sufficient time to adjust their operations by, among other things, taking steps to work with consumers affected by the COVID-19 pandemic and developing more robust business continuity and remote work capabilities. The agencies will now apply their respective supervisory and enforcement authorities, where appropriate, to address any noncompliance or violations of the Regulation X mortgage servicing rules that occur after the date of issuance of this statement.

     

    Related Links

    Effective Date: April 01, 2022 (Final Rule)

    Keywords: Americas, US, Banking, Mortgage Servicing Rules, COVID-19, Cyber Risk, Lending, Incident Reporting, US Agencies

    Featured Experts
    Related Articles
    News

    BSP Tackles Aspects of Lending and Islamic, Open & Sustainable Finance

    The Central Bank of the Philippines (BSP) issued communications covering developments related to online lending platforms, open finance framework and roadmap, and on the expected regulations in the area sustainable finance.

    January 16, 2022 WebPage Regulatory News
    News

    US Agencies Issue Regulatory Updates, FDIC Launches Tech Sprint

    The Board of Governors of the Federal Reserve System (FED) published the final rule that amends Regulation I to reduce the quarterly reporting burden for member banks by automating the application process for adjusting their subscriptions to the Federal Reserve Bank capital stock, except in the context of mergers.

    January 13, 2022 WebPage Regulatory News
    News

    EBA Issues Guide on Bank Resolvability, Consults on Transferability

    The European Banking Authority (EBA) published its assessment of risks through the quarterly Risk Dashboard and the results of the Autumn edition of the Risk Assessment Questionnaire (RAQ).

    January 13, 2022 WebPage Regulatory News
    News

    MFSA Publishes CRD5 Updates and Supervisory Priorities for 2022

    The Malta Financial Services Authority (MFSA) updated the guidelines on supervisory reporting requirements under the reporting framework 3.0.

    January 13, 2022 WebPage Regulatory News
    News

    HKMA Extends Repayment for Trade Facilities, Consults on Crypto-Assets

    The Hong Kong Monetary Authority (HKMA) published a circular, along with the reporting form and instructions, for self-assessment, by authorized institutions, of compliance with the Code of Banking Practice 2021.

    January 12, 2022 WebPage Regulatory News
    News

    FCA Registers Securitization Repositories; PRA Issues 2022 Priorities

    The Financial Conduct Authority (FCA) decided to register European DataWarehouse Ltd and SecRep Limited as securitization repositories under the UK Securitization Regulation, with effect from January 17, 2022.

    January 12, 2022 WebPage Regulatory News
    News

    EC Regulation Sets Out Methods for Measuring K-Factors Under IFR

    The European Commission (EC) published the Delegated Regulation 2022/25, which supplements the Investment Firms Regulation (IFR or Regulation 2019/2033) with respect to the regulatory technical standards specifying the methods for measuring the K-factors referred to in Article 15 of the IFR.

    January 11, 2022 WebPage Regulatory News
    News

    BIS Studies How Platform Models Impact Financial Stability & Inclusion

    The Bank of International Settlements (BIS) published a paper that assesses the ways in which platform-based business models can affect financial inclusion, competition, financial stability and consumer protection.

    January 10, 2022 WebPage Regulatory News
    News

    CBE Issues Additional Measures to Ease Disruptions from Pandemic

    The Central Bank of Egypt (CBE) published a circular with instructions on emergency liquidity assistance to banks that are unable to meet their liquidity requirements.

    January 10, 2022 WebPage Regulatory News
    News

    ESAs Publish List of Financial Conglomerates for 2021

    The European Supervisory Authorities (ESAs) published the list of identified financial conglomerates for 2021.

    January 07, 2022 WebPage Regulatory News
    RESULTS 1 - 10 OF 7868