Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On March 26, the FDIC issued FIL-25-2020 stating that the financial services sector is a “critical infrastructure” during the Covid-19 pandemic pursuant to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency’s (CISA) March 19 guidance. The guidance is intended to help state, local, and industry partners identify critical infrastructure sectors and essential workers in order to ensure continuity of critical functions. The FIL advises company leadership to provide workers with documentation identifying them as critical infrastructure workers who need “to travel inside restricted areas in order to support critical infrastructure.”
On March 25, the OCC issued similar guidance pursuant to CISA’s guidance. Bulletin 2020-23 encourages essential critical infrastructure workers to maintain normal work schedules during the Covid-19 pandemic, and offers guidance for banks concerning workers who may need to move within and between restricted areas. Essential critical infrastructure workers include those who are needed to: (i) “process and maintain systems for processing financial transactions and services (e.g., payment, clearing and settlement; wholesale funding; insurance services; and capital markets activities)”; (ii) “provide consumer access to banking and lending services,” such as ATMs and armored cash carriers; and (iii) support financial institutions (e.g., staffing data and security operations centers). The workers also include key third party providers who deliver core services. The OCC advises banks to, among other things, update business continuity plans and provide documentation to workers detailing work-related travel.
The NCUA also sent a letter to member boards of directors, chief executive officers, chief information officers, and chief information security officers identifying essential critical infrastructure workers pursuant to CISA’s guidance. Updates to Covid-19 NCUA resources are available here.
Departments of Treasury, State, and Homeland Security issue joint advisory warning businesses of North Korean sanctions evasion tactics
On July 23, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC), in conjunction with the Department of State and the Department of Homeland Security, issued an advisory to warn businesses—including manufacturers, buyers, and service providers—of the potential risks that may result from sanctions evasion tactics used by North Korea across supply chains. The advisory also provides assistance for businesses complying with Title III of the Countering America’s Adversaries Through Sanctions Act of 2017 with respect to North Korean sanctions. According to the advisory, the U.S. government “is focusing its disruption efforts on North Korean citizens or nationals whose labor generates revenue for the North Korean government.” Specifically, the advisory warns businesses to examine their entire supply chains and adopt appropriate, well-documented due diligence best practices, which “may be considered mitigating factors when the U.S. government determines the appropriate enforcement response.” The advisory also outlines penalties for violations of sanctions and enforcement actions.
See here for previous InfoBytes coverage on North Korea sanctions.
On September 30, President Trump issued a Proclamation announcing October 2017 as National Cybersecurity Awareness Month. As part of the initiative, the Department of Homeland Security (DHS) issued tools and resources for both consumers and organizations to manage cybersecurity risk. As previously covered in InfoBytes, the President issued an Executive Order earlier this year entitled “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure” that requires agencies to submit risk management reports to DHS and develop recommendations for cybersecurity improvements affecting all critical infrastructure, including the financial services industry.
- Jonice Gray Tucker to moderate “Pandemic relief response and lasting impacts on access, credit, banking, and equality” at the American Bar Association Business Law Section Spring Meeting
- Jeffrey P. Naimon to discuss "Post-pandemic CFPB exam preparation" at the Mortgage Bankers Association Spring Conference & Expo
- Jonice Gray Tucker to discuss "Making fair lending work for you" at the Mortgage Bankers Association Spring Conference & Expo
- Jonice Gray Tucker to discuss "Reading the tea leaves of President Biden’s initial financial appointees" at LendIt Fintech
- Moorari K. Shah to discuss “CA, NY, federal licensing and disclosure” at the Equipment Leasing & Finance Association Legal Forum
- Jonice Gray Tucker to discuss "Compliance under Biden" at the WSJ Risk & Compliance Forum
- Sherry-Maria Safchuk to discuss UDAAP at an American Bar Association webinar
- Jonice Gray Tucker to discuss “The future of fair lending” at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference