Menu
Banking Exchange Magazine Logo
Menu

Is the FDIC’s IT Risk Program Unfit for Purpose?

An internal audit has found numerous flaws with the FDIC’s InTREx system for assessing cybersecurity risks

  • |
  • Written by  Banking Exchange staff
 
 
Is the FDIC’s IT Risk Program Unfit for Purpose?

A federal risk program aimed at overseeing IT security at banks and other financial institutions is “outdated” and risks missing “significant IT and cyber risks”, according to an audit of the system.

The Federal Deposit Insurance Corporation’s (FDIC) IT Risk Examination program, known as InTREx, was not being properly implemented by the organization’s examiners and “did not reflect current federal guidance”, according to the FDIC’s Office of Inspector General.

The internal audit report also found that the FDIC had not properly communicated InTREx updates to its examiners, had failed to provide proper training on IT risks, and had no way of measuring the progress it had made with implementation of InTREx.

“The weaknesses… collectively demonstrate the need for the FDIC to take actions to ensure that its examiners effectively assess and address IT and cyber risks during IT examinations,” the Inspector General wrote.

“Without effective implementation of the InTREx program, significant IT and cyber risks may not be identified by examiners and addressed by financial institutions.”

Poor risk assessments could also negatively affect the corporation’s supervisory work and lead to banks and other federally insured institutions paying the wrong premiums, the report warned.

The report’s verdict comes after a survey of bank risk chiefs found that cybersecurity was their top risk management priority for 2023. EY reported that many chief risk officers felt their banks’ inability to manage cybersecurity issues was a top strategic risk over the next three years.

The FDIC joined other federal regulators at the start of this year in warning that crypto-assets were a potential source of contagion risk for the financial sector, and pledged to “closely monitor” banks’ exposures to the sector.

back to top

Sections

About Us

Connect With Us

Resources

Webinar:

Customer Onboarding, Fraud Prevention, and Digital Banking Transformation

Tuesday, October 1st, 2024, at 2:00 pm ET

Banking Exchange will host a crucial webinar exploring key issues and trends in the banking and financial services sector. We will welcome John Baird, a leading expert on the application of identity verification technology in banking.

This discussion will focus on customer onboarding, fraud prevention, and digital banking transformation, providing actionable insights and strategies for banks to enhance customer acquisition and operational efficiency while adapting to evolving regulatory and technological demands.

Mr. Baird will spark discussion of hot topics impacting the performance of banks:

REGISTER NOW!

This webinar is brought to you by:

VouchedBanking Exchange