Skip to content

Should Your Bank Inform Customers About a Data Breach?

If we experience a cyber breach, are we obligated to tell our customers and/or regulators?

Yes. When an incident of unauthorized access to sensitive customer information involves your information systems, you must notify your customers and regulator.

Your Customer Notice should provide a description of the incident; the type of information that was subject to unauthorized access; measures your firm's taken to protect customers from further unauthorized access; a telephone number customers can call for information and assistance; and, a reminder to customers to remain vigilant over the next 12 to 24 months, and report suspected identity theft incidents to your firm.
Learn more about Carly Souther's webinar 10 Steps to Cybersecurity Continuity & Compliance

First published on 01/05/2020

Banker Store View All

From training, policies, forms, and publications, to office products and occasional gifts, it’s available here:

Banker Store

hot right now

image description

Looking for effective, convenient training on a particular subject?

BOL Learning Connect offers more than 200 courses ON-DEMAND or on CD ROM from AML to Reg Z and every topic in between.

Search Topics