Skip to main content

FFIEC Issues Joint Statement on Cyber Insurance and Its Potential Role in Risk Management Programs

The Federal Financial Institutions Examination Council (FFIEC) members today issued a joint statement to describe matters that financial institutions should consider if they are determining whether to use cyber insurance as a component of their risk management programs. 

The FFIEC members do not require financial institutions to maintain cyber insurance. The evolving cyber insurance market and the shifting cyber threat landscape may, however, prompt financial institutions to consider whether cyber insurance would be an effective part of their overall risk management programs.  

The joint statement notes that cyber attacks are increasing in volume and sophistication and that traditional general liability insurance policies may not provide effective coverage for all potential exposures caused by cyber events. Cyber insurance could offset financial losses from a variety of exposures—including data breaches resulting in the loss of confidential information—that may not be covered by more traditional insurance policies. Financial institution management should assess the scope of coverage of current insurance and consider how cyber insurance may fit into the institution’s overall risk management framework.

As with any insurance coverage, cyber insurance does not diminish the importance of a sound control environment. Rather, cyber insurance may be a component of a broader risk management strategy that includes identifying, measuring, mitigating, and monitoring cyber risk exposure.

Financial institutions may find additional information on risk management and cybersecurity risk management on the FFIEC’s website at http://www.ffiec.gov. 


Attachment:
Joint Statement on Cyber Insurance and Its Potential Role in Risk Management Programs (PDF)

The FFIEC was established in March 1979 to prescribe uniform principles, standards, and report forms and to promote uniformity in the supervision of financial institutions. It also conducts schools for examiners employed by the five federal member agencies represented on the FFIEC and makes those schools available to employees of state agencies that supervise financial institutions. The Council consists of the following six voting members: a member of the Board of Governors of the Federal Reserve System; the Chairman of the Federal Deposit Insurance Corporation; the Director of the Consumer Financial Protection Bureau; the Comptroller of the Currency; the Chairman of the National Credit Union Administration; and the Chairman of the State Liaison Committee.  

Recent Press Releases Posts

Press Releases
By James M. Cooper, president and CEO of the Conference of State Bank Supervisors 
Sep 21, 2022
Press Releases
Washington, D.C.— State bank supervisors have re-appointed Texas Department of Banking Commissioner…
Sep 15, 2022
Press Releases
The Federal Financial Institutions Examination Council (FFIEC) today announced the appointment of…
Sep 13, 2022
Press Releases
Washington, D.C. – The Conference of State Bank Supervisors (CSBS) is pleased to share that its…
Sep 6, 2022

1129 20th Street, N.W., 9th Floor, Washington, DC 20036 | Tel. 202.296.2840 | Fax. 202.296.1928

exit