FDIC Announces New Computer-Security Incident Notification Requirement For Banking Organizations and Their Bank Service Providers
In November 2021, the FDIC announced that U.S financial regulators have approved a new rule that would require banking organizations to report any significant computer-security incident within 36 hours of discovery to both its primary federal regulator and banking organization customers that are likely to be materially affected for four or more hours.