Industry associations highlight cybersecurity risks at US regulatory agencies
Four industry trade associations have called for significant reforms to how federal financial regulators handle sensitive data following a data breach at the Office of the Comproller of the Currency that exposed over 148,000 private correspondences containing sensitive supervisory information about US financial institutions.
0
In a letter addressed to Treasury Secretary Scott Bessent, The Bank Policy Institute, American Bankers Association, MFA and Sifma say that growing threats from hostile nation-states targeting US critical infrastructure serve as a reminder of the urgency to address vulnerabilities.
'Government agencies are increasingly the target of persistent and sophisticated nation-state attacks that could disrupt financial markets and our economy,' the organizations wrote. 'It is imperative that federal regulators recognize that they are equally a target of malicious actors and implement the same or substantially similar cybersecurity and incident response practices that they expect financial institutions to maintain.'
Financial institutions are legally required to share sensitive, proprietary and non-public information with their regulators as part of the supervisory process. This information can range from capital and liquidity management to cybersecurity protocols. However, centralizing large amounts of data can create a prime target for illicit actors seeking to harm US economic security, says the organisations.
They point out that over the past two years, both the Treasury Department and the OCC have suffered significant cyber incidents.
At the OCC, hackers were at work inside its systems for over a year-and-a-half before the intrusion were discovered. Immediately after the breach was reported both JPMorgan Chase and Bank of New York Mellon scaled back electronic information sharing with the agency.
To mitigate risk and prevent similar problems in the future, the groups are urging the Treasury to hold federal agencies to the same security and data protection standards as private companies.
They want to limit data collection to only what is necessary and avoid centralisation of sensitive data, allowing companies to maintain control and access to their data.
The letter states: 'As firms are required to share non-public, highly sensitive information with regulators as part of the supervisory process, compromises at regulatory agencies could expose institutions' vulnerabilities and business information to malicious actors, putting them at strategic disadvantage.'
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Finextra
17 minutes ago
- Finextra
New data access bill paves the way for evolution of open banking to open finance
The UK Government has passed the Data (Use and Access) Bill through the House of Parliament, paving the way for expansion of open banking and smart data sharing across multiple business sectors. 0 The legislation is a key lever to support the expansion of open banking beyond payments to a more general open finance model, giving consumers the power to share their data more widely across new use cases in energy, telecoms, transport and retail sectors. This broader vision expands the open-data concept beyond banks to encompass insurance, investments, pensions, and other financial services. One example would be an insurance company offering an overview of existing pension products or the access to loans and deposits data from different banks in one application. The UK Centre for Finance, Innovation and Technology (CFIT) has already built two working prototypes of open finance applications for providing financial advice to vulnerable consumers and to speed up credit assessments for SME loan applications. Other use cases could include the sharing of mortgage data to grease the wheels of the property market and provide the best deals on utility bills. Open Banking Limited CEO Henk Van Hulle comments: 'This is a landmark moment for the sector, but it is just the beginning. Now is the time to turn these foundations into real-world outcomes which empower consumers, drive innovation, and unlock growth. 'Having set the legislative foundations for a smarter, more connected data economy, government, regulators and industry need to come together to make this a reality. The coming months will see important choices made that will frame the type of ecosystem and outcomes we deliver in the years to come.'
The Independent
18 minutes ago
- The Independent
Budget airline axes all flights to US as airspace restrictions bite
An Icelandic-based airline has announced it plans to axe all its flights to the US, stopping trips to major cities like Washington D.C. and New York by the autumn. Low-cost airline Play operates flights between Iceland and destinations in the US and Europe, offering budget tickets on Airbus aircraft to and from its main hub, Keflavík International Airport. Play flies in and out of Iceland to European countries such as Denmark, France, Germany, and the United Kingdom. As well as Europe, the airline also directly links Iceland to Baltimore, Boston, and New York City. The airline operates on a hub-and-spoke model, meaning it uses one central airport, Keflavík, to connect to other airports around the world. Play launched its transatlantic flights in the spring of 2022, and has been flying to the US for just over three years. Play's hub-and-spoke routes have since financially underperformed, and an over-saturation in the transatlantic market has meant a growth in competition between airlines. Play will suspend its flights to New York Stewart on 1 September, followed by Boston Logan on 15 September, then finally Baltimore/Washington on 24 October. Its routes in Northern Europe are also expected to be scaled back due to Play dropping the hub-and-spoke strategy it has used since launching four years ago. The strategy has seen a loss of $20 million (£14.7 million) in 2024 in comparison to profits made in point-to-point European leisure markets. The restructuring will come as part of a proposed executive takeover by Play's CEO Einar Örn Ólafsson and Vice Chairman Elías Skúli Skúlason. In a notification to the Central Bank of Iceland, the executives said they plan to submit a voluntary offer for all outstanding shares in the airline via a new holding entity, Aviation Week reported. 'Due to airspace restrictions, several European airlines have redeployed capacity across the Atlantic, leading to overcapacity in the transatlantic market,' the offer document seen by Aviation Week says. 'Many carriers have suspended or terminated East Asia routes, facing a competitive disadvantage against Asian airlines still able to overfly Russia. 'This has increased pressure on transatlantic yields.' If the proposal is approved, Play's revised strategy hopes to target the leisure and VFR (visiting friends and relatives) market. The airline wants to target 'underserved sun destinations' and has recently announced new flights to Antalya, Faro and Agadir. 'We're focusing on the profitable aspects of the business—sun destination flights—and discontinuing those that have not yielded results,' Mr Ólafsson said. The airline will also offer wet-lease services, which provide short-term aircraft and crew to help other airlines fill gaps in schedules.
Telegraph
24 minutes ago
- Telegraph
RFK Jr appoints new vaccine committee – including vaccine sceptic doctor
Robert F. Kennedy Jr. has appointed a new vaccine advisory panel, including a medical doctor who has claimed that Covid vaccines 'may damage [children's] brains, their heart, their immune system, and their ability to have children in the future.' The move comes just two days after the US health secretary unprecedentedly dismissed all 17 members of the Advisory Committee on Immunization Practices (ACIP), the body responsible for advising on vaccine recommendations to prevent and control diseases. Of the eight new members, four have actively spoken out against vaccination in some form. The most controversial pick is Dr Robert Malone, a prominent opponent of mRNA vaccines who also falsely claims to have invented the technology. While Dr Malone was involved in some of the early research on mRNA, his role was minimal at best, say experts. Dr Malone has previously stated that mass vaccination programs during the pandemic were enabled by 'mass formation psychosis,' an unrecognised medical term he coined, which he says also explains how Nazi Germany carried out the Holocaust. He was temporarily banned from X (formerly Twitter) for spreading misinformation about Covid-19, including claims that mRNA vaccines are experimental gene therapy that could cause irreparable harm, particularly to children. Also on the panel is Dr Martin Kulldorff, a former Harvard Medical School professor who was dismissed from his position in 2024. Dr Kulldorff was a key figure in the Great Barrington Declaration, an open letter published in 2020 that opposed widespread lockdowns and was widely criticised by experts as dangerous and anti-scientific. Of the panel, which includes Joseph Hibbeln, Retsef Levi, Cody Meissner, James Pagano, Vicky Pebsworth and Michael Rossm, four who have previously worked on committees associated with either the Centre for Disease Control and Prevention (CDC), or the Food and Drug Administration. 'All of these individuals are committed to evidence-based medicine, gold-standard science, and common sense,' Mr Kennedy said in a post on X. It's not clear what process these figures went through, but it typically takes more than a year to be appointed to a federal advisory panel. Dr Noel Brewer, a professor in public health at the University of North Carolina who was a member of the ACIP, said it typically takes more than a year to be appointed as a member of a federal advisory panel – and that he went through a 1.5 year process to serve on ACIP. 'You apply by writing an essay,' he told the Telegraph. 'Once you're approved, you fill out maybe 20 or 30 forms. You disclose all of your financial stakes in companies and all sources of income. Then you get ethics training.' The health secretary added that the panel would attend a CDC meeting on June 25, where advisors are expected to deliberate and vote on who should receive a number of vaccines, including the flu shot, Covid-19 boosters, and vaccines for RSV, HPV, and meningococcal disease. Dr Peter Hotez, a vaccine expert and Dean for the National School of Tropical Medicine at the Baylor College of Medicine in Houston, said: 'Kennedy is leading a MAHA [Make America Healthy Again] pseudoscience agenda, mostly as an economic stimulus for a very corrupt wellness/influencer industry'.
