Federal banking agencies have emphasized that AI can be both beneficial and harmful, highlighting the need for careful use. Let’s look at some of the specific things that regulators have said about AI.
Model risk management is an evolving topic for community banks and credit unions. While models have been around for a long time, their prevalence in artificial intelligence (AI), machine learning (ML), and other software applications makes understanding and managing them more important than ever. Let’s dive into some frequently asked questions about model risk management.
A service level agreement (SLA) is a specific type of contract between a vendor and a business. It defines performance measures and compensation options for the times when a vendor can’t hold up their end of the bargain. Let’s dive into some specifics about what this looks like and what you (as a vendor manager who cares about information security) need to do about it.
On June 3, 2024, the Securities and Exchange Commission (SEC) published a final rule titled Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information. The rule amends 17 CFR Part 248 and enhances the SEC’s cybersecurity and incident response requirements.
On May 3, 2024, three of the federal banking agencies published a new Third-Party Risk Management Guide for Community Banks. Learn more about the guidance and how it applies to your organization.
On February 26, 2024, the NIST published an update to their Cybersecurity Framework (CSF). In this article, we’ll discuss six key updates and talk about what it means for you.
On Tuesday, October 24, 2023, regulators published an updated version of the Ransomware Self-Assessment Tool (R-SAT). In this blog, we’ll discuss what the R-SAT is, what got updated, and what you need to do about it.
Through the vendor management process, you take steps to make sure your vendors are secure and resilient, but what about their third parties? Do your vendors hold their subcontractors to the same standard of excellence? How can you know?
Three of the federal banking agencies published new guidance on Third-Party Relationships: Risk Management. Here are eight things community banks need to know about it.
This article will tell you what you can expect in your 2023 exam and take you through a bit of the history of each acronym.
In this article, we will dive into what a "Fintech" company is and how relationships with these companies can be managed effectively.
