Continuing the trend of recent years, cybersecurity has remained at the top of the regulatory agenda for several federal and state agencies. For financial institutions, keeping track of the dizzying array of proposed regulations is a challenge. This Alert focuses on proposed cybersecurity standards in an advance notice of proposed rulemaking jointly issued by key federal banking regulators: the Office of the Comptroller of the Currency (“OCC”), the Federal Reserve, and the Federal Deposit Insurance Corporation (“FDIC”).

The advance notice of proposed rulemaking is a formal invitation to participate in shaping any proposed cybersecurity standards and starts the notice-and-comment process in motion. Importantly, anyone interested may respond to the notice by submitting comments aimed at developing and improving the initial draft proposal or by recommending against issuing any standards. Thus, responding to the notice is critical for entities that might be subject to or impacted by any final standards, because it allows them to help shape the standards early in the process.