BankTech Bytes: Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers

5/16/2022 - By Nancy Patton

As of May 1, 2022, banks must now notify their primary federal regulator within 36 hours of determining a "notification incident" has occurred, while a bank service provider is required to notify each affected bank "as soon as possible" if an incident is "reasonably likely" to cause a disruption for more than four hours.

How to Get Started

The technology experts at Saltmarsh are ready to share their expertise. Please contact us to discuss any existing and potential challenges you face with technology and ransomware, and help ensure your successful future.

Join our email list to receive updates as they are released!


About the Author | Stephen Reyes, CISA, CISSP

Stephen is a shareholder and leader of the Information Technology Services practice of Saltmarsh, Cleaveland & Gund. He joined the firm in 1997 and has been practicing in this field since 1990. His experience includes computer networking and technology consulting. Stephen is a Certified Information Systems Auditor, Microsoft Certified Systems Engineer and a Cisco Certified Network Associate. He also holds certifications with ISACA, Novell, Citrix and CompTIA. Stephen has assisted a number of financial institutions with IT compliance audits, security audits, as well as system selection, implementation and conversion.

Related Posts