Press

Financial regulators update examiner guidance on financial institutions’ information technology architecture, infrastructure, and operations

ARLINGTON, VA (June 30, 2021) — The Federal Financial Institutions Examination Council (FFIEC) today issued a new booklet in the FFIEC Information Technology Examination Handbook series, titled “Architecture, Infrastructure, and Operations.”

The booklet provides expanded guidance to help financial institution examiners assess the risk profile and adequacy of an entity’s information technology architecture, infrastructure, and operations.

The new booklet replaces the “Operations” booklet issued in July 2004 and it provides examiners with fundamental examination expectations regarding architecture and infrastructure planning, governance and risk management, and operations of regulated entities. The booklet discusses the interconnectedness among an entity’s assets, processes, and third-party service providers along with the principles, processes, potential threats, and examination procedures to help examiners assess whether a financial entity’s management adequately addresses risks and complies with applicable laws and regulations.

Updates to the booklet reflect the changing technological environment and increasing need for security and resilience, including architectural design, infrastructure implementation, and operation of information technology systems. The updated booklet also highlights the importance of providing current information to examiners reviewing an entity’s information management practices pertaining to safety and soundness, consumer protection, and provision of secure and resilient business services to customers.

The complete FFIEC Information Technology Examination Handbook is available at http://ithandbook.ffiec.gov/.


About FFIEC

The FFIEC was established in March 1979 to prescribe uniform principles, standards, and report forms and to promote uniformity in the supervision of financial institutions. The Council has six voting members: the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, the National Credit Union Administration, the Consumer Financial Protection Bureau, and the State Liaison Committee. The Council’s activities are supported by interagency task forces and by an advisory State Liaison Committee, comprised of five representatives of state agencies that supervise financial institutions.

Contacts

Judith E. Dupre
Executive Secretary
FFIEC

Media Contact:
Julianne Fisher Breitbeil
FDIC
(202) 898-6895

Susan Stawick
Federal Reserve
(202) 452-2955

Stephanie Collins
OCC
(202) 649-6870

Marisol Garibay
CFPB
(202) 435-5160

Ben Hardaway
NCUA
(703) 518-6333

Jim Kurtzke
SLC
(202) 728-5733

More News