« Cyber resilience: a financial stability perspective (Bank of England) | Main | FFIEC and Heartbleed »
Wednesday
Apr232014

Tomas J. Curry April 16 2014 OCC Remarks

DateWednesday, April 23, 2014 at 6:55PM

http://www.occ.gov/news-issuances/speeches/2014/pub-speech-2014-59.pdf

the Speech can be found at the link above...

What most thought was going to be a speech on Cybersecurity and the perils of the cloud and use of the Internet, actually turned into a larger concern regarding Third Party Risk Management. 

In summary....

Curry points out that banks use of third party technolgoies is ever increasing and interconnected.  and the concern is managing the risk associted with interconnected services and their dependances. In otherwords, a single vendor may not be considered crtical on it's own, but it's connections to other applications and the level of dependence may actually add to the Risk... 

The level of dependance FIs are an area of deep concern with Curry pointing out that the OCC as taken “serious enforcement actions” against “some of our large institutions” for mis-management of third party relationships.

 

AuthorBradley Martin | CommentPost a Comment |

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

Notify me of follow-up comments via email.