FDIC OIG highlights crypto and cybersecurity challenges

One hundred thirty-six Federal Deposit Insurance Corp.-insured banks have “ongoing or planned crypto-asset-related activities” The FDIC’s Office of Inspector General said in a report this month.

In addition, some 52 million Americans have invested in crypto, according to the report, which highlights the agency’s top management and performance challenges.

“The risks associated with digital assets and new technologies require a whole-of-government response,” OIG wrote in its report, adding that policies and procedures for investigations and the FDIC guidance on digital assets for banks should be consistent with other regulators.

Last month, the FDIC issued a joint statement with the Federal Reserve and the Office of the Comptroller of the Currency warning financial institutions about the risks they face when dealing with cryptocurrencies. The regulators followed that up last week with a “reminder” about crypto-liquidity risk.

To highlight it OIG cited Silvergate Bank, which saw its deposits plunge 68% in the fourth quarter of last year as customers withdrew billions of dollars worth of crypto assets. The bank sold $5.2 billion in debt securities to recover – at a loss of $718 million.

The November Collapse of Crypto Exchanges FTX revealed that 11 banks did business with platform and suffers by association, the OIG report noted.

The FDIC, in turn, sent cease-and-desist letters to five crypto firms, alleging that they falsely claimed on their websites and social media accounts that certain crypto products held in brokerage accounts were FDIC-insured.

The OIG emphasized in its report that the FDIC must have enough information to create data-driven guidelines and assess risk across the banking sector. Examiners, meanwhile, must have appropriate training and skills to assess crypto-related risks OIG wrote.

Digital assets made up just one of nine areas of concern for the FDIC. Others included crisis preparedness, cyber security risks and the movement to promote financial inclusion.

Cyber ​​Security Risks

An annual report by the Financial Stability Oversight Council last year found that “the financial sector is vulnerable to malicious cyber incidents, including ransomware, denial of service attacks, data breaches and non-malicious cyber incidents.”

US banks reported 1,251 ransom-related incidents in 2021 with a total value of $886 million, a 68% increase from 2020, the Financial Crimes Enforcement Network found in November.

Furthermore, 74% of bank executives surveyed said their institution faced one or more ransomware attacks, while 63% of institutions paid the claim, according to VMware, the report said.

The OIG Evaluation revealed weaknesses in the FDIC’s IT Risk Examination Program, which limited examiners’ ability to assess and address cyber risk at banks and third party suppliers.

Between May and July, banks reported 41 cybersecurity incidents under the 36-hour reporting rule, according to FDIC data.

The FDIC is required to report the information to law enforcement, including OIG, for further investigation, but at the time the report was written, the FDIC had not OIG wrote.

“[T]The FDIC should have effective processes for receiving and assessing banks’ reporting of cybersecurity incidents, including follow-up to ensure mitigation,” OIG wrote.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *