July 16, 2026
Agencies issue joint statement on handling of highly sensitive information during bank examinations
- Board of Governors of the Federal Reserve System
- Federal Deposit Insurance Corporation
- Office of the Comptroller of the Currency
For release at 2:00 p.m. EDT
The federal bank regulatory agencies today issued a joint statement describing enhanced security procedures for review of highly sensitive information in connection with examinations of supervised banks, such as reviewing materials on-site rather than transferring them onto agency systems.
The statement discusses a coordinated approach to identifying highly sensitive data and documents and discusses enhanced procedures for the review of such information to reduce any cybersecurity risks while ensuring that the agencies have access to such information at all times during an examination.
The agencies recognize the importance of keeping a bank's highly sensitive information confidential and protecting it against disclosure to or from access by unauthorized persons as a result of cybersecurity vulnerabilities. The agencies have committed to notify affected banks of any potential or confirmed material data breach involving confidential supervisory information. They will do so as soon as practicable, and no later than 72 hours after discovery, unless legal restrictions apply.