Newsroom
NCUA Board set to issue final cyber incident reporting rule
The NCUA Board meets next week and is set to finalize the rule related to cyber incident notification requirements. NAFCU offered recommendations on the proposed rule to improve clarity and reduce regulatory overlap.
The proposed rule would establish a 72-hour period for federal credit unions to provide notice to the NCUA of a reportable cyber incident. NAFCU had flagged an increased administrative burden with this time requirement, and outlined nine recommendations to help reduce the rule’s burden.
The association also requested the agency use the information it collects from credit unions to “improve the security and resilience of the industry,” as well as hold more cybersecurity briefings for credit unions.
In addition, the board during the meeting will consider a proposed rule related to chartering and field of membership. The agency’s fall rulemaking agenda – released earlier this year – indicated this is an effort to remove outdated requirements, simplify the charter approval process, and clarify regulatory language. NAFCU has long advocated for field of membership reforms to allow credit unions to serve more members, especially in underserved communities.
The board will also receive a quarterly update on the Share Insurance Fund. The meeting, set to begin at 10 a.m. Eastern, will be livestreamed on the agency’s website. NAFCU will provide members with updates after it concludes.
Share This
Related Resources
Data Privacy Issue Brief
Whitepapers
Data Privacy Issue Brief
Whitepapers
NAFCU Data Privacy Principles
Whitepapers
Compliance Monitor - August 2018
Newsletter
Get daily updates.
Subscribe to NAFCU today.