Integrated Risk Guidance

New Integrated Third-Party Risk Management Guidance from the OCC, Federal Reserve, and FDIC

by Gary Roboff, Senior Advisor | June 22, 2023 | Guidance, Public Policy

Regulators have developed “principles-based guidance that provides a flexible, risk-based approach to third-party risk management that can be adjusted to the unique circumstances of each third-party relationship.” On June 6th, less than 20 months after comments closed, the Federal Reserve, The ....


Request For Comments – Interagency Guidance for Third Party Risk Management

by Gary Roboff, Senior Advisor | August 4, 2021 | Guidance, Public Policy

Three of the four federal banking regulators have launched an extremely important effort to refresh and harmonize third party risk management guidance for financial institutions in the United States (the comment period closes on September 17th). Shared Assessments plans to respond to the request for ....

G-7 Financial Sector Fundamental Cybersecurity Guidance

October 14, 2016 | Banking and Financial Services, Cybersecurity, Guidance, Industry Verticals

This week the U.S. Department of the Treasury and the Board of Governors of the Federal Reserve System announced the publication of the G-7 Fundamental Elements of Cybersecurity for the Financial Sector. The document, released by central bank governors and finance ministers of the G-7 nations, delin ....

Heightened Expectations Raise the Bar for All

December 12, 2014 | Compliance, Cybersecurity, Guidance, Office of the Comptroller of the Currency (OCC), Regulatory Compliance, Risk, Risk Management

The Office of the Comptroller of the Currency (OCC) published final guidelines that establish minimum standards for risk governance frameworks for OCC regulated institutions with over $50 billion in assets. While that asset threshold would seem to specifically exclude most community banks, the OCC h ....

FFIEC to Update Cybersecurity Guidance

November 4, 2014 | Cybersecurity, Guidance

The FFIEC issued its general findings from an assessment of over 500 community based financial institutions this summer. In its November 3rd press release, the FFIEC discussed the growing need for tighter cybersecurity measures and indicated that it was already in the process of reviewing and updati ....

A Primer on Vendor Classification

August 28, 2014 | Guidance, Risk, Risk Management

With the publication of OCC Bulletin 2013-29 as well as numerous recent breaches involving vendors a perfect storm of awareness has arisen not only in the financial services industry but many others as well. The inevitable result will be an emphasis within organizations on better management of the ....

Next Page »