What are the Regulators Saying About Artificial Intelligence (AI)? (May 2026 Update)
Federal banking regulators are increasingly approaching AI with cautious optimism. Here's what community banks and credit unions need to know in 2026.
Thanks for visiting our
Tandem Blog
Get our blog posts straight to your inbox.
You have been successfully subscribed to our newsletter.
Riding into the Sunset: A Community Financial Institution’s Guide to IT Asset End-of-Life
When IT assets hit their sunset phase, most people would rather be anywhere else. But if you work for a financial institution, managing IT asset end-of-life (EOL) isn’t just a good idea; it’s a requirement.
How can you handle EOL without the stress? Let’s take a look.
How to Write an AI Policy
As artificial intelligence (AI) becomes more integrated with business operations, it’s increasingly important to develop clear policies to manage AI-related risks, maintain compliance, and uphold ethical standards. Here’s what you should consider when creating an AI policy for your organization.
What are the Regulators Saying About Artificial Intelligence (AI)?
Federal banking agencies have emphasized that AI can be both beneficial and harmful, highlighting the need for careful use. Let’s look at some of the specific things that regulators have said about AI.
Model Risk Management FAQs for Community Banks & Credit Unions
Model risk management is an evolving topic for community banks and credit unions. While models have been around for a long time, their prevalence in artificial intelligence (AI), machine learning (ML), and other third-party software applications makes understanding and managing them more important than ever. Let’s dive into some frequently asked questions about model risk management.
A Vendor Manager’s Guide to Service Level Agreements (SLAs)
A service level agreement (SLA) is a specific type of contract between a vendor and a business. It defines performance measures and compensation options for the times when a vendor can’t hold up their end of the bargain. Let’s dive into some specifics about what this looks like and what you (as a vendor manager who cares about information security) need to do about it.
Regulation S-P: An Overview of the SEC’s Latest Cybersecurity Amendments
On June 3, 2024, the Securities and Exchange Commission (SEC) published a final rule titled Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information. The rule amends 17 CFR Part 248 and enhances the SEC’s cybersecurity and incident response requirements.
The New Third-Party Risk Management Guide for Community Banks
On May 3, 2024, three of the federal banking agencies published a new Third-Party Risk Management Guide for Community Banks. Learn more about the guidance and how it applies to your organization.
6 Key Updates in the NIST Cybersecurity Framework (CSF) 2.0
On February 26, 2024, the NIST published an update to their Cybersecurity Framework (CSF). In this article, we’ll discuss six key updates and talk about what it means for you.
Updated Ransomware Self-Assessment Tool (R-SAT 2.0)
Published Date:
On Tuesday, October 24, 2023, regulators published an updated version of the Ransomware Self-Assessment Tool (R-SAT). In this blog, we’ll discuss what the R-SAT is, what got updated, and what you need to do about it.
The Vendor Manager’s Guide to Subcontractor Risk Management
Through the vendor management process, you take steps to make sure your vendors are secure and resilient, but what about their third parties? Do your vendors hold their subcontractors to the same standard of excellence? How can you know?