Skip to main content
Press Releases

State Regulators and USSS Issue Ransomware Mitigation Tool for Nonbank Companies

Washington, D.C. – State financial regulators and the U.S. Secret Service (USSS) today released a self-assessment resource for nonbank financial institutions in an effort to mitigate the rise of ransomware attacks threatening the U.S. economy. A similar self-assessment tool has also been issued for banks.

The ready-to-use ransomware tool will allow nonbank financial institution leadership, as well as outside security consultants and auditors, to assess an organization’s efforts to control and mitigate risks associated with the threat of ransomware and identify gaps that require increased security. 

“Ransomware attacks can have a devastating impact on any company, including the many nonbank companies state regulators license,” said Conference of State Bank Supervisors Chairman and Georgia Commissioner of Banking and Finance Kevin B. Hagler. “State regulators want to ensure nonbank institutions, including fintech and payments companies, money transmitters and mortgage companies, are doing everything they can to be prepared to identify ransomware incidents, and should an attack occur, respond and recover quickly.”

Ransomware attacks have been on the rise and appear to be spreading across industries. One global cyber insurer reported 775 ransomware incidents for its U.S. customers in 2019, representing a 131% increase from the year prior. Eleven percent of those customers were financial institutions.  

“Ransomware is one of the fastest-growing and largest cyber threats that can quickly cripple a business’s system, resulting in disruption to daily life and ultimately, severe financial loss,” said USSS Office of Investigations Deputy Assistant Director Steven Stanford. “The Secret Service is working with our law enforcement and business community partners in assembling valuable and tangible educational products that provide awareness, information-sharing and real-time prevention. These strategic relationships must be maintained so that when a ransomware attack is detected, we are able to fight together and win.”

Media Contact: Susanna Barnett, 202-407-7156,

The Conference of State Bank Supervisors (CSBS) is the national organization of bank regulators from all 50 states, American Samoa, District of Columbia, Guam, Puerto Rico and U.S. Virgin Islands. State regulators supervise 79% of all U.S. banks and are the primary supervisor of non-depository financial services. CSBS, on behalf of state regulators, also operates the Nationwide Multistate Licensing System to license and register non-depository financial service providers in the mortgage, money services businesses, consumer finance and debt industries.

Related Topics:

1129 20th Street, N.W., 9th Floor, Washington, DC 20036 | Tel. 202.296.2840 | Fax. 202.296.1928