MFA, along with three other trade associations, submitted a letter to the Department of Treasury requesting cybersecurity policy reforms in light of recently disclosed security breaches at the Office of the Comptroller of the Currency (OCC) and the Treasury itself. The letter asked that federal regulators amend current practices to address vulnerability and prevent any future incidents from occurring.
The letter recommended the following reforms:
- Ensure agencies are held to the same or substantively similar security and data protection standards expected of financial institutions to include transparency and accountability for upholding these standards;
- Enable firms to retain and house their own sensitive data needed for regulatory engagement;
- Improve regulatory agencies’ incident response processes to include notification and communication with regulated institutions; and
- Consolidate and streamline examinations conducted by the financial regulatory agencies to reduce the amount of data being shared.
