07/06/2015

GAO: Bank Regulators Can Improve Approach to Info Security Oversight

Banking regulators could improve their approach to overseeing information security at depository institutions by analyzing deficiencies across institutions, the Government Accountability Office said in a new report. Regulators currently use a risk-based examination approach, in which regulators adjust the level of scrutiny at each institution, the GAO noted.

The GAO recommended that regulators improve their use of data analytics in identifying deficiencies. It also called for the National Credit Union Administration to have authority to address risks posed to regulated institutions from third-party technology service providers. ICBA is reviewing the report and will respond accordingly to the GAO. Read the GAO Report.