IT Examiner School

Regulations & Guidance FFIEC IT Booklet Handbooks: Good reference, but remember the booklet does not specifically apply to FIs not regulated by the FFIEC

Regulatory Authority Examples: Depository Institutions

Regulators / Licensure

Laws, Regulations, or Guidance Related to IT, InfoSec, Privacy, etc.

Types of Entities

Banks (state-member, national, state non-member, credit union)

FDIC, FRB, OCC, States, CFPB 12 CFR 364, Appendix B; Section 501(b) of GLBA; FFIEC; State Laws/Regulations (e.g., Part 500, CCPA)

Bank Holding Companies, Trust Companies, US Branches of FBOs

FRB, States

Generally, the same as banks (above)

Credit Unions (Federal or State)

NCUA, States

12 CFR 748 (Appendix A & B)