Banking and Finance Sector-Specific Plan - U.S. Department of ...

More documents

Recommendations

Info

3. Assess Risks Both the public and private members of the Banking and Finance Sector conduct risk assessments. These assessments look at issues and potential vulnerabilities both within individual organizations and sector-wide. Since risk management is part of the banking and finance culture, both regulators and private organization have a long history of conducting regular risk assessments. In the private sector some of these risk assessments are mandated through regulation and validated by the examination process. Furthermore, the private sector institutions conduct voluntary risk assessments to meet their business needs as part of their continuity panning and/or in conjunction with trade associations’ recommendations and self-regulatory requirements. Following the attacks of September 11, 2001, the sector’s risk assessment efforts became more formalized and took on a renewed sense of urgency. The FBIIC began an organized annual effort to examine the financial sector’s resilience. The process has continued and matured over the years to include physical and cyber-based components of the sector as well as dependencies on other critical sectors. Information in this process is garnered through the regulators’ extensive knowledge of sector participants. Furthermore, this information is verified through consultation with key private sector organizations. Information shared between the members of the sector and the financial regulators provide insights into the operational, financial, and systemic risks facing individual organizations and the sector as a whole. Through organizations such as the Federal Financial Institutions Examinations Council (FFIEC), various private sector trade associations, and the FBIIC, there is ongoing verification and validation updating of risk assessment information. Furthermore, through individual information-sharing efforts between the Treasury Department and individual financial institutions, this process is furthered informed regarding new and emerging threats. Through this process, the Treasury Department has identified potential limitations and created a process to identify and assess vulnerabilities within the sector. The following sections refer to the efforts of the Treasury Department, working with the FBIIC members and the private sector, to identify sector vulnerabilities and assess the risks across the Banking and Finance Sector. Assess Risks
Page 1: Banking and Finance Critical Infras
Page 4 and 5: ii Banking and Finance Sector-Speci
Page 6 and 7: iv 2.2.5 Collecting Asset Data 25 2
Page 9 and 10: Executive Summary The Banking and F
Page 11 and 12: 3. Assess Risks Risk assessments ar
Page 13: Introduction According to Homeland
Page 16 and 17: and technological systems. These ex
Page 18 and 19: in various organized markets, from
Page 20 and 21: Figure 1-1: FBIIC Members FBIIC Mem
Page 22 and 23: • The NCUA regulates Federally ch
Page 24 and 25: • Identify voluntary efforts wher
Page 26 and 27: Continuity in the Financial Service
Page 28 and 29: The Banking and Finance Sector has
Page 30 and 31: system. All of the systemically cri
Page 32 and 33: linked to payments occurring in sys
Page 36 and 37: Figure 3-1: Vulnerability Assessmen
Page 38 and 39: Figure 3-2: Dependent Relationships
Page 40 and 41: • The degree of industry dependen
Page 42 and 43: 5.2 Determining Protective Program
Page 44 and 45: Goal 2: To address and manage the r
Page 46 and 47: • Work with international organiz
Page 49 and 50: 6. Measure Progress 6.1 CI/KR Perfo
Page 51 and 52: Goal 2: To address and manage the r
Page 53 and 54: Implementation Action Milestone Sec
Page 55 and 56: 7. CI/KR Protection R&D 7.1 Overvie
Page 57: • Publish updates as needed to do
Page 60 and 61: Finance Sector, the private sector
Page 63 and 64: Appendix 1: List of Acronyms and Ab
Page 65 and 66: Appendix 2: Statutory Authorities T
Page 67 and 68: Federal Reserve Board U.S. Code & R
Page 69 and 70: Securities and Exchange Commission
Page 71 and 72: State Banking Law/Statute Californi
Page 73 and 74: State Banking Law/Statute Pennsylva
Page 75 and 76: Code & Regulations State URL §§ 4
Page 77 and 78: Code & Regulations State URL §§ 2
Page 79 and 80: State Statute Georgia GA ST §§ 10
Page 81 and 82: State Statute Utah UT ST § 61-1-1
Page 83 and 84: Date Title URL 09-04 Internet Banki
Page 85 and 86:
Date Title URL 09-00 Consumer Broch
Page 87 and 88:
Date Title URL 07-04 FFIEC Outsourc
Page 89 and 90:
Date Title URL 08-02 Financial and
Page 91 and 92:
Date Title URL Commercial Bank Exam
Page 93 and 94:
Date Title URL 08-03 NCUA Letter to
Page 95 and 96:
Date Title URL 02-99 NCUA Regulator
Page 97 and 98:
Date Title URL 05-01 Privacy of Con
Page 99 and 100:
Date Title URL 10-06 Updated Direct
Page 101:
Date Title URL Appendix : Statutory
Page 104 and 105:
2. Objective The objective of this
Page 106 and 107:
N R&D focused on SFTP will require
Page 108 and 109:
mon set of guidelines that would be
Page 110 and 111:
5. Conclusions and Recommendations
show all

Banking and Finance Sector-Specific Plan - U.S. Department of ...

Create successful ePaper yourself

Delete template?

Save as template?