Menu
Banking Exchange Magazine Logo
Menu

Banks Call for Changes to SEC Cybersecurity Proposals

The regulator’s proposals do not take into account other policy goals, according to a trade body coalition

  • |
  • Written by  Banking Exchange staff
 
 
Banks Call for Changes to SEC Cybersecurity Proposals

A coalition of banking sector trade bodies have written to the SEC calling for changes to its planned new rulebook on cybersecurity.

The Bank Policy Institute (BPI), the American Bankers Association (ABA), the Independent Community Bankers of America and the Mid-Sized Bank Coalition of America, collectively expressed support for the proposals but warned that they “insufficiently take into account other policy goals”.

According to the letter, targets such as ensuring the cybersecurity of parties, protecting the soundness of financial institutions, and identifying and punishing perpetrators of cybercrime, were not met.

The coalition stated that the timing and content requirements for incident disclosures were made “without sufficient regard” of potential security risks.

The letter stated: “Specifically, the very fact of disclosure that a cybersecurity incident is ongoing and unremediated may adversely impact a registrant’s ability to effectively respond to and remediate the incident, and significantly exacerbate the resulting risks and harms to the registrant and its shareholders, customers, and others.”

The organizations also stated that periodic disclosures should not be required to reveal the nature or status of remediation activities, including alterations to cybersecurity policies. They claimed that publishing such details would “assist” threat perpetrators who will look for ways to comprise information systems.

They also took issue with the proposed requirement for banks to disclose details of their selection and oversight of third-party entities, including contractual requirements used to tackle security risks.

The letter said banks “should only be required to disclose high-level information, including confirmation that policies and procedures are appropriately applied to third-party selection and ongoing oversight”.

The SEC recently doubled its digital finance oversight team, with the addition of 20 new staff to the newly-rebranded Crypto Assets and Cyber Unit, a part of its enforcement division.

back to top

Sections

About Us

Connect With Us

Resources

WEBINAR

Mitigating loss: Understanding the fraud triangle

Time/Date: Wednesday, December 11th, 2024, 2:00 ET

Fraud continues to be top of mind for bank executives, with hard dollar losses growing at an all-time high.

In this session, we will discuss the fraud triangle and gain valuable insights into the psychology behind fraud, and the tangible and intangible losses incurred due to fraud schemes.

You will come away with a comprehensive understanding of how the fraud triangle applies to your customers, various types of fraud affecting community banks, and actionable steps to mitigate their impact.

REGISTER NOW!

This webinar is brought to you by:

Abrigo logo

Banking Exchange logo