Top US regulator warns banks against cyberattacks

WASHINGTON, December 6, Reuters - A top US banking regulator is cautioning firms to have robust policies in order to protect themselves from cyberattacks, saying it is seeing an increase in ransomware attacks.

The Office of the Comptroller of the Currency said banks must have robust systems to identify threats and vulnerabilities in their technology, and should back up key systems and records in isolation to protect against hackers who try to disrupt systems for a payout.

In its semiannual risk report, the OCC cautioned banks to be vigilant about third-party relationships, noting bad actors are exploiting outside vulnerabilities to conduct malicious cyber activities. Credit risk remains moderate for banks as loan portfolios have weathered the pandemic due to good risk management by banks and government relief programs, according to the OCC. The OCC noted that banks face some challenges in helping clients navigate the conclusion of some of the programs, like the Paycheck Protection Program, leaving banks with heightened compliance responsibilities.

The OCC plans to roll out with the nation's largest, most complex firms with a new climate risk framework for nationals banks that it supervises on climate, as part of its work to build a new climate risk framework for nationals.