|Title:||Cyber Incident Notification Requirements for Federally Insured Credit Unions|
|Subject:||Cyber incident notification|
Due to the increased frequency and severity of cyberattacks on the financial services sector, the NCUA Board is proposing to require a federally insured credit union that experiences a reportable cyber incident to report the incident to the NCUA as soon as possible and no later than 72 hours after the federally insured credit union reasonably believes that it has experienced a reportable cyber incident. This notification requirement provides an early alert to the NCUA and does not require credit unions to provide a detailed incident assessment to the NCUA within the 72-hour time frame.
|Date proposed:||July 21, 2022|
|Comments due date:||Sept. 26, 2022|
|Rule compliance date:|
|Related Reg Report item(s):|