In the evolving landscape of data privacy compliance, financial organizations must understand the increasingly heightened standards of data governance being enforced by regulatory authorities. Specifically, the Office of the Comptroller of Currency (OCC) has taken a stricter stance on the data security models and policies of financial institutions. In particular, that office is mandating stricter requirements and controls around data and information governance, and more effective technical and organizational safeguards against potential breaches.
In late 2020, a number of globally recognized financial institutions were fined by the OCC in various consent orders for improper handling of information assets. The fines were based on long-established regulations and guidance, but previously not relied on grounds for enforcement actions. These fines were unprecedented in their severity and frequency.
Accordingly, financial institutions should be aware of the pertinent regulations, and how to comply with them through incorporation of best practices around information governance—particularly of consumer personal information.
Please download the PDF below to read the full article.