BRIEFLY: Banks get more time to comment on third-party risk management guidance; Fact sheet looks at supply chain security

(Sept. 10, 2021) Banks have more time to comment on proposed guidance to help them manage third-party risk, with a new deadline of Oct. 18, the federal banking agencies said this week. The agencies said the extension for the comment period – originally set to end Sept. 17 – was adopted to allow more time for individuals to analyze issues and prepare their comments. The proposed joint guidance was issued July 13; it is based on 2013 guidance from the Office of the Comptroller of the Currency (OCC). The latest guidance also covers arrangements between banks and financial technology (fintech) firms. NCUA did not join in proposing the guidance … An information and communications technology (ICT) supply chain risk management fact sheet has been posted on the NASCUS website, to help the state system raise awareness of risks to supply chains and help reinforce an overall national culture of security. The fact sheet was developed by the federal Cybersecurity and Infrastructure Security Agency (CISA) develop strategies for mitigating and addressing supply chain risks


Agencies Extend Comment Period on Proposed Risk Management Guidance for Third-Party Relationships

ICT Supply Chain Risk Management Fact Sheet