82 FR 8172 - Enhanced Cyber Risk Management Standards
DEPARTMENT OF THE TREASURY
Office of the Comptroller of the Currency
FEDERAL RESERVE SYSTEM
FEDERAL DEPOSIT INSURANCE CORPORATION Federal Register Volume 82, Issue 14 (January 24, 2017)
Office of the Comptroller of the Currency
FEDERAL RESERVE SYSTEM
FEDERAL DEPOSIT INSURANCE CORPORATION
Federal Register Volume 82, Issue 14 (January 24, 2017)
| Page Range | 8172-8172 | |
| FR Document | 2017-01539 |
[Federal Register Volume 82, Number 14 (Tuesday, January 24, 2017)] [Proposed Rules] [Page 8172] From the Federal Register Online [www.thefederalregister.org] [FR Doc No: 2017-01539] �======================================================================== �Proposed Rules � Federal Register �________________________________________________________________________ � �This section of the FEDERAL REGISTER contains notices to the public of �the proposed issuance of rules and regulations. The purpose of these �notices is to give interested persons an opportunity to participate in �the rule making prior to the adoption of the final rules. � �======================================================================== � ��Federal Register / Vol. 82, No. 14 / Tuesday, January 24, 2017 / Proposed Rules�� [[Page 8172]] DEPARTMENT OF THE TREASURY Office of the Comptroller of the Currency 12 CFR Part 30 [Docket ID OCC-2016-0016] RIN 1557-AE06 FEDERAL RESERVE SYSTEM 12 CFR Chapter II [Docket No. R-1550] RIN 7100-AE 61 FEDERAL DEPOSIT INSURANCE CORPORATION 12 CFR Part 364 RIN 3064-AE45 Enhanced Cyber Risk Management Standards AGENCY: The Board of Governors of the Federal Reserve System; the Office of the Comptroller of the Currency; and the Federal Deposit Insurance Corporation. ACTION: Joint advance notice of proposed rulemaking; re-opening of comment period. ----------------------------------------------------------------------- SUMMARY: On October 26, 2016, the Board of Governors of the Federal Reserve System (Board), the Office of the Comptroller of the Currency (OCC), and the Federal Deposit Insurance Corporation (FDIC) (collectively, the agencies) published in the Federal Register an advance notice of proposed rulemaking (ANPR) regarding enhanced cyber risk management standards (enhanced standards) for large and interconnected entities under their supervision and those entities' service providers. The ANPR addresses five categories of cyber standards: Cyber risk governance; cyber risk management; internal dependency management; external dependency management; and incident response, cyber resilience, and situational awareness. Due to the range and complexity of the issues addressed in the ANPR, the public comment period has been extended until February 17, 2017. This action will allow interested persons additional time to analyze the proposal and prepare their comments. DATES: The comment period for the advance notice of proposed rulemaking published on October 26, 2016, (81 FR 74315) regarding enhanced cyber risk management standards is extended from January 17, 2017, to February 17, 2017. ADDRESSES: You may submit comments by any of the methods identified in the ANPR.\1\ Please submit your comments using only one method. --------------------------------------------------------------------------- \1\ See 81 FR 74315 (October 26, 2016). FOR FURTHER INFORMATION CONTACT: Board: Anna Lee Hewko, Associate Director, (202) 530-6260; or Matthew Hayduk, Manager, (202) 973-6190; or Julia Philipp, Senior Supervisory Financial Analyst, (202) 452-3940; or Christopher Olson, Senior Supervisory Financial Analyst, (202) 912-4609, Division of Banking Supervision and Regulation; or Benjamin W. McDonough, Special Counsel, (202) 452-2036; or Claudia Von Pervieux, Counsel, (202) 452- 2552; or Michelle Kidd, Counsel, (202) 736-5554, Legal Division; for persons who are deaf or hard of hearing, TTY (202) 263-4869. OCC: Bethany Dugan, Deputy Comptroller for Operational Risk, (202) 649-6949; or Kevin Greenfield, Director, Bank Information Technology, (202) 649-6954; or Eric Gott, Risk Team Lead for Governance and Operational Risk, Large Bank Supervision, (202) 649-7181; or Patrick Kelly, Bank Examiner, Critical Infrastructure Protection, (202) 649- 5519; or Carl Kaminski, Special Counsel, Beth Knickerbocker, Counsel, or Rima Kundnani, Attorney, Legislative and Regulatory Activities Division, (202) 649-5490 or, for persons who are deaf or hard of hearing, TTY, (202) 649-5597, Office of the Comptroller of the Currency, 400 7th Street SW., Washington, DC 20219. FDIC: Donald Saxinger, Senior Examination Specialist, IT Supervision Branch, Division of Risk Management Supervision, (703) 254- 0214; or John Dorsey, Counsel, Supervision & Legislation Branch, Legal Division, (202) 898-3807. SUPPLEMENTARY INFORMATION: On October 26, 2016, the agencies published in the Federal Register an advance notice of proposed rulemaking regarding enhanced cyber risk management standards (enhanced standards) for large and interconnected entities under their supervision and those entities' service providers.\2\ The ANPR stated that the public comment period would close on January 17, 2017.\3\ --------------------------------------------------------------------------- \2\ Id. \3\ Id. --------------------------------------------------------------------------- The agencies received a number of requests to extend the comment period for the ANPR. Due to the range and complexity of the issues addressed in the ANPR, the agencies believe it is appropriate to extend the public comment period until February 17, 2017. This action will allow interested persons additional time to analyze the proposal and prepare their comments. Dated: January 13, 2017. Thomas J. Curry, Comptroller of the Currency. By order of the Board of Governors of the Federal Reserve System, acting through the Secretary of the Board under delegated authority, January 10, 2017. Robert deV. Frierson, Secretary of the Board. Dated: January 13, 2017. Federal Deposit Insurance Corporation by, Valerie Best, Assistant Executive Secretary. [FR Doc. 2017-01539 Filed 1-23-17; 8:45 am] BILLING CODE 4810-33-P; 6210-01-P; 6714-01-P
![8172
Proposed Rules Federal Register
Vol. 82, No. 14
Tuesday, January 24, 2017
This section of the FEDERAL REGISTER in the ANPR, the public comment advance notice of proposed rulemaking
contains notices to the public of the proposed period has been extended until February regarding enhanced cyber risk
issuance of rules and regulations. The 17, 2017. This action will allow management standards (enhanced
purpose of these notices is to give interested interested persons additional time to standards) for large and interconnected
persons an opportunity to participate in the analyze the proposal and prepare their entities under their supervision and
rule making prior to the adoption of the final
comments. those entities’ service providers.2 The
rules.
DATES: The comment period for the ANPR stated that the public comment
advance notice of proposed rulemaking period would close on January 17,
DEPARTMENT OF THE TREASURY published on October 26, 2016, (81 FR 2017.3
74315) regarding enhanced cyber risk The agencies received a number of
Office of the Comptroller of the management standards is extended from requests to extend the comment period
Currency January 17, 2017, to February 17, 2017. for the ANPR. Due to the range and
ADDRESSES: You may submit comments complexity of the issues addressed in
12 CFR Part 30 by any of the methods identified in the the ANPR, the agencies believe it is
ANPR.1 Please submit your comments appropriate to extend the public
[Docket ID OCC–2016–0016] comment period until February 17,
using only one method.
RIN 1557–AE06 FOR FURTHER INFORMATION CONTACT:
2017. This action will allow interested
Board: Anna Lee Hewko, Associate persons additional time to analyze the
FEDERAL RESERVE SYSTEM proposal and prepare their comments.
Director, (202) 530–6260; or Matthew
Hayduk, Manager, (202) 973–6190; or Dated: January 13, 2017.
12 CFR Chapter II Julia Philipp, Senior Supervisory Thomas J. Curry,
[Docket No. R–1550] Financial Analyst, (202) 452–3940; or Comptroller of the Currency.
Christopher Olson, Senior Supervisory By order of the Board of Governors of the
RIN 7100–AE 61
Financial Analyst, (202) 912–4609, Federal Reserve System, acting through the
FEDERAL DEPOSIT INSURANCE Division of Banking Supervision and Secretary of the Board under delegated
CORPORATION Regulation; or Benjamin W. authority, January 10, 2017.
McDonough, Special Counsel, (202) Robert deV. Frierson,
12 CFR Part 364 452–2036; or Claudia Von Pervieux, Secretary of the Board.
Counsel, (202) 452–2552; or Michelle Dated: January 13, 2017.
RIN 3064–AE45 Kidd, Counsel, (202) 736–5554, Legal Federal Deposit Insurance Corporation by,
Division; for persons who are deaf or Valerie Best,
Enhanced Cyber Risk Management
hard of hearing, TTY (202) 263–4869. Assistant Executive Secretary.
Standards OCC: Bethany Dugan, Deputy
[FR Doc. 2017–01539 Filed 1–23–17; 8:45 am]
AGENCY: The Board of Governors of the Comptroller for Operational Risk, (202)
BILLING CODE 4810–33–P; 6210–01–P; 6714–01–P
Federal Reserve System; the Office of 649–6949; or Kevin Greenfield, Director,
the Comptroller of the Currency; and the Bank Information Technology, (202)
Federal Deposit Insurance Corporation. 649–6954; or Eric Gott, Risk Team Lead
DEPARTMENT OF THE TREASURY
ACTION: Joint advance notice of for Governance and Operational Risk,
proposed rulemaking; re-opening of Large Bank Supervision, (202) 649– Internal Revenue Service
comment period. 7181; or Patrick Kelly, Bank Examiner,
Critical Infrastructure Protection, (202) 26 CFR Part 1
SUMMARY: On October 26, 2016, the 649–5519; or Carl Kaminski, Special
Board of Governors of the Federal Counsel, Beth Knickerbocker, Counsel, [REG–135122–16]
Reserve System (Board), the Office of or Rima Kundnani, Attorney, Legislative RIN 1545–BN76
the Comptroller of the Currency (OCC), and Regulatory Activities Division,
and the Federal Deposit Insurance (202) 649–5490 or, for persons who are Dividend Equivalents From Sources
Corporation (FDIC) (collectively, the deaf or hard of hearing, TTY, (202) 649– Within the United States
agencies) published in the Federal 5597, Office of the Comptroller of the AGENCY: Internal Revenue Service (IRS),
Register an advance notice of proposed Currency, 400 7th Street SW., Treasury.
rulemaking (ANPR) regarding enhanced Washington, DC 20219.
ACTION: Notice of proposed rulemaking
cyber risk management standards FDIC: Donald Saxinger, Senior
Examination Specialist, IT Supervision by cross-reference to temporary
(enhanced standards) for large and
Branch, Division of Risk Management regulations.
interconnected entities under their
supervision and those entities’ service Supervision, (703) 254–0214; or John This document contains
sradovich on DSK3GMQ082PROD with PROPOSALS
SUMMARY:
providers. The ANPR addresses five Dorsey, Counsel, Supervision & proposed regulations relating to certain
categories of cyber standards: Cyber risk Legislation Branch, Legal Division, (202) financial products providing for
governance; cyber risk management; 898–3807. payments that are contingent upon or
internal dependency management; SUPPLEMENTARY INFORMATION: On determined by reference to U.S. source
external dependency management; and October 26, 2016, the agencies dividend payments.
incident response, cyber resilience, and published in the Federal Register an
situational awareness. Due to the range 2 Id.
and complexity of the issues addressed 1 See 81 FR 74315 (October 26, 2016). 3 Id.
VerDate Sep<11>2014 18:08 Jan 23, 2017 Jkt 241001 PO 00000 Frm 00001 Fmt 4702 Sfmt 4702 E:\FR\FM\24JAP1.SGM 24JAP1](https://thefederalregister.org/doc/82_FR_8186/page/1.svg)
Document Created: 2018-02-01 15:12:43
Document Modified: 2018-02-01 15:12:43
| Category | Regulatory Information | |
| Collection | Federal Register | |
| sudoc Class | AE 2.7: GS 4.107: AE 2.106: | |
| Publisher | Office of the Federal Register, National Archives and Records Administration | |
| Section | Proposed Rules | |
| Action | Joint advance notice of proposed rulemaking; re-opening of comment period. | |
| Dates | The comment period for the advance notice of proposed rulemaking published on October 26, 2016, (81 FR 74315) regarding enhanced cyber risk management standards is extended from January 17, 2017, to February 17, 2017. | |
| Contact | Board: Anna Lee Hewko, Associate Director, (202) 530-6260; or Matthew Hayduk, Manager, (202) 973-6190; or Julia Philipp, Senior Supervisory Financial Analyst, (202) 452-3940; or Christopher Olson, Senior Supervisory Financial Analyst, (202) 912-4609, Division of Banking Supervision and Regulation; or Benjamin W. McDonough, Special Counsel, (202) 452-2036; or Claudia Von Pervieux, Counsel, (202) 452- 2552; or Michelle Kidd, Counsel, (202) 736-5554, Legal Division; for persons who are deaf or hard of hearing, TTY (202) 263-4869. | |
| FR Citation | 82 FR 8172 | |
| RIN Number | 1557-AE06 and 3064-AE45 | |
| CFR Citation | 12 Title 12 CFR Chapter II 12 CFR 30 12 CFR 364 |
2025 Federal Register | Disclaimer | Privacy Policy
USC | CFR | eCFR