Tag Archive for: Regulatory

Bank Regulatory News and Trends

/in


This regular publication from DLA Piper focuses on helping banking and financial services clients navigate the ever-changing federal regulatory landscape.

In this edition:

  • OCC halts publication of proposed fair access rule.
  • Climate issues emerge as heightened priority for banking regulators – and the industry.
  • FDIC appoints fintech expert as first-ever CIO.
  • Banking agencies propose notification rules for computer security incidents.
  • FDIC: Banks report strong fourth quarter after tough year.
  • Biden nominates Chopra as CFPB director.
  • White House announces changes to PPP, targets support for under-banked small businesses.
  • Fed releases 2021 stress test scenarios.
  • Fed Board announces final rule to reduce risk through application of netting protections to a broader range of financial institutions.
  • Reconstituted California regulator signs MOUs with earned wage access companies.
  • New York lawmakers move to expand commercial lending disclosure requirements, delay effective date.

OCC halts publication of proposed fair access rule. In a sign of a potential policy shift with the arrival of the Biden Administration, the Office of the Comptroller of the Currency is pausing publication of a Trump-era proposal intended to prevent banks from denying loans and other services to certain industries, such as fossil-fuel-based energy producers. On January 14, the last day in office for former Comptroller of the Currency Brian Brooks, a Trump appointee, the OCC announced its finalized rule to ensure large national banks, federal savings associations and federal branches and agencies of foreign bank organizations provide fair access to banking services, capital and credit. Slated to take effect on April 1, the rule would have codified more than a decade of OCC guidance stating that banks should conduct risk assessment of individual customers rather than make broad-based decisions affecting whole categories or classes of customers. But, on January 28, OCC announced it was putting a hold on the new rule: “Pausing publication of the rule in the Federal Register will allow the next confirmed Comptroller of the Currency to review the final rule and the public comments the OCC received, as part of an…

Source…

OFAC Regulatory Crackdown on Ransomware Attacks

/in


Tuesday, December 15, 2020

Ransomware is a Serious and Growing Problem

In recent years, Ransomware has evolved from merely encrypting files/disabling networks in solicitation of ransom, to sophisticated attacks that often involve actual data access, theft and sometimes, the threat of publication. These sophisticated malware attacks frequently destroy backups and provide criminals even more leverage over their victims, coercing them to pay ransoms.  Ransomware does not just target businesses – it is often used to attack hospitals, research institutions, and other public services that are especially critical during this global pandemic.

It is increasingly common for Ransomware attacks to be associated with large sophisticated cyber-criminal organizations, with a central entity providing the tools, training, and ability to collect ransoms and sending its “associates” out to cause harm. As long as victims continue to pay ransoms, Ransomware is able to expand. Ransomware is also being adapted for new, criminal purposes.  Increasingly, hackers associated with countries like Iran and North Korea are using Ransomware to generate an influx of cash into their economic streams and bypass economic sanctions. Faced with an urgent need to stop the spread of Ransomware, law enforcement is now moving past its old strategy of strongly discouraging victims from paying ransoms. Regulatory agencies – such as OFAC and the SEC – are implementing regulations to prevent victims from paying ransom to buy their way out of a Ransomware attack.  These regulations arm law enforcement with a new enforcement mechanism – allowing them to punish companies who choose to pay ransom in the face of a Ransomware attack. Accordingly, they signal a new area of regulatory enforcement that will likely become the government’s most powerful tool to curb the spread of Ransomware.

Regulatory Changes to Combat Ransomware

In the absence of evidence of data access or exfiltration, a Ransomware incident may not be considered a breach, and therefore, may fall outside any reporting requirements for cyber-incidents. …

Source…

Imanis Data Enhances Ransomware Security and Regulatory Compliance Offerings for Big Data

/in

  1. Imanis Data Enhances Ransomware Security and Regulatory Compliance Offerings for Big Data  GlobeNewswire (press release)

    2. Full coverage

Ransomware – read more