reported data breach Image: Shutterstock

The NCUA has approved new cyber incident reporting requirements for credit unions. Under the final rule, federally insured credit unions will be required to notify the NCUA of a "reportable cyber incident" within 72 hours of such an event. The NCUA's final rule follows the 36-hour notification requirement implemented for banking organizations last year. While the final rule doubles the reporting time for credit unions, it also could require credit unions to notify the NCUA of a significantly broader set of incidents than required for banking organizations. The final rule continues the trend of regulators increasing their focus on the cybersecurity safeguards among financial institutions and, in particular, of requiring faster notifications when incidents occur.

Continue Reading for Free

Register and gain access to:

  • Breaking credit union news and analysis, on-site and via our newsletters and custom alerts.
  • Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders.
  • Educational webcasts, white papers, and ebooks from industry thought leaders.
  • Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, and

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.