Department of Treasury January 12, 2021 – Federal Register Recent Federal Regulation Documents

Agency Information Collection Activities: Information Collection Renewal; Comment Request; Investment Securities
Document Number: 2021-00434
Type: Notice
Date: 2021-01-12
Agency: Comptroller of the Currency, Department of Treasury, Department of the Treasury
The OCC, as part of its continuing effort to reduce paperwork and respondent burden, invites the general public and other Federal agencies to take this opportunity to comment on a continuing information collection as required by the Paperwork Reduction Act of 1995 (PRA). In accordance with the requirements of the PRA, the OCC may not conduct or sponsor, and respondents are not required to respond to, an information collection unless it displays a currently valid Office of Management and Budget (OMB) control number. The OCC is soliciting comment concerning the renewal of its information collection titled, ``Investment Securities.''
Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers
Document Number: 2020-28498
Type: Proposed Rule
Date: 2021-01-12
Agency: Federal Deposit Insurance Corporation, Agencies and Commissions, Federal Reserve System, Office of the Comptroller of the Currency, Department of Treasury, Department of the Treasury
The OCC, Board, and FDIC (together, the agencies) invite comment on a notice of proposed rulemaking (proposed rule or proposal) that would require a banking organization to provide its primary federal regulator with prompt notification of any ``computer-security incident'' that rises to the level of a ``notification incident.'' The proposed rule would require such notification upon the occurrence of a notification incident as soon as possible and no later than 36 hours after the banking organization believes in good faith that the incident occurred. This notification requirement is intended to serve as an early alert to a banking organization's primary federal regulator and is not intended to provide an assessment of the incident. Moreover, a bank service provider would be required to notify at least two individuals at affected banking organization customers immediately after the bank service provider experiences a computer-security incident that it believes in good faith could disrupt, degrade, or impair services provided for four or more hours.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.