Financial Institution Cyber Risk & Data Protection

Cyber risks to financial institutions are constantly evolving while data privacy protection compliance requirements continue to evolve as well.  The COVID-19 Pandemic has also led to an increase in cyberattacks on banks and other financial institutions including credit unions and FinTech companies.  This session will examine the latest cyber risk management guidance, self-assessment methodologies and best practices from the international Financial Stability Board and well as from financial institution regulators in the United States and Canada.  It will also cover key data protection and data breach notification requirements that have become a new form of cyber compliance risk.

• Understand the latest cyber risk best practices and data protection requirements for financial institutions.
• Hear how cyber criminals are trying to exploit COVID-19 to target financial institutions and their customers.
• Learn the cyber risk questions that your institutions board of directors and senior managers should be asking your institution’s IT department.  
• Find out how compliance with data protection laws have become the latest form of cyber risk for financial institutions.

• Cyber risk management
• Cyber risk assessment
• COVID-19-related cyber risks
• Data privacy and data protection

This session will provide training on cyber risk management including the Financial Stability Board’s recent international cyber resilience guidance for financial institutions as well as national best practices including the United States’ Federal Financial Institutions Examination Council (FFIEC) FFIEC Cybersecurity Assessment Tool, the US Federal Deposit Insurance Corporation’s Information Technology Risk Examination (InTREx) Program, and Canada’s Cyber Security Self-Assessment Guidance from the Office of the Superintendent of Financial Institutions (OSFI).   This session will also provide an overview of key data protection requirements under the United States’ Gramm-Leach-Bliley Act, the European Union’s General Data Protection Regulation (GDPR) and US State data privacy laws such as the California Consumer Protection Act and New York’s SHIELD Act.

• Board Member
• CEO
• CIO
• CTO
• COO
• CRO
• IT staff
• Compliance officer
• General Counsel

Michael Edwards is an attorney-at-law with extensive experience representing banking institutions and credit unions on a wide range of regulatory matters. He has served as Senior Vice President for Advocacy and General Counsel for the World Council of Credit Unions, an international trade association for credit unions and cooperative banks where he advocated before international and national-level banking regulatory agencies including the Basel Committee on Banking Supervision. He has also served as Senior Assistant General Counsel in the Regulatory Advocacy section of the Credit Union National Association, the largest trade association for credit unions in the United States. Michael has been published on banking and credit union regulatory matters by the Administrative Law Review, Enterprise Magazine, CU Management, and other publications. He holds a J. D. from the American University-Washington College of Law, an M.A. in International Affairs from the American University-School of International Service, and a B.A. in English from the University of Pennsylvania.