Banking Exchange Magazine Logo

New cyber security tool in works by OCC

Comptroller calls for public/private collaboration

New cyber security tool in works by OCC

The Office of the Comptroller of the Currency plans to issue “soon” what it calls a “cyber security assessment tool” with which financial institutions can evaluate their inherent cyber security risk.

Comptroller of the Currency Thomas Curry said in a speech to the BITS Emerging Payments Forum in Washington, D.C., that the tool should help shape banks’ risk management capabilities—including those in existing and emerging payment areas. It’s intended to shed light on how well cyber security measures already undertaken comport with the bank’s cyber security risks.

“I want to emphasize that the assessment tool is exactly that. It is a tool to help banks, particularly community banks, to defend against cyber security threats,” said Curry. “Those threats are real and they are unlikely to abate anytime soon. In fact, they are more likely to increase.”

Added Curry, for the skeptical: “I would caution against anyone viewing this effort and the OCC’s complementary cyber security examination program as an unnecessary regulatory burden. The time to act is now.”

The tool, he said, was developed based in part on data obtained by a joint assessment of cyber security preparedness at 500 institutions last year by bank regulatory agencies. Another offshoot of that effort was the strong recommendation by the Federal Financial Institutions Examination Council that banks of all sizes should participate in the Financial Services Information Sharing and Analysis Center, a nonprofit forum intended to facilitate the sharing of physical and cybersecurity threat and vulnerability information.

“One of the lessons we have learned in the bank regulatory community is that collaboration is vital, especially in dealing with highly complex, rapidly evolving challenges like cyber security,” Curry said. “I’m referring not only about collaboration and cooperation among the banking agencies, but also among financial providers.”

John Ginovsky

John Ginovsky is a contributing editor of Banking Exchange and editor of the publication’s Tech Exchange e-newsletter. For more than two decades he’s written about the commercial banking industry, specializing in its technological side and how it relates to the actual business of banking. In addition to his weekly blogs—"Making Sense of It All"—he contributes fresh, original stories to each Tech Exchange issue based on personal interviews or exclusive contributed pieces. He previously was senior editor for Community Banker magazine (which merged into ABA Banking Journal) and for ABA Banking Journal and was managing editor and staff reporter for ABA’s Bankers News. Email him at [email protected]

back to top


About Us

Connect With Us


Webinar: Real-Time Payments in the U.S. Market

Time/Date: June 16, 2021 2:00 p.m. ET

The U.S. has come a long way in its journey to real-time payments, with TCH and Zelle in market and FedNow just around the corner. COVID-19 has accelerated that demand to move to real-time. Yet many financial institutions remain unconvinced of the need to move, with less than 3% of financial institutions signed up today.

In this Banking Exchange hosted webinar Celent’s Gareth Lodge, Senior Analyst, Global Payments, and Alacriti’s Mark Ranta, Payments Practice Lead, discuss the findings in the Celent research report, Real-Time Payments in the US Market: Speeding Up or Slowing Down? A Call to Arms.


This webinar is brought to you by:
Alacriti logo