CSBS Releases Nonbank Cybersecurity Exam Procedures

cybersecurity exam proceduresThe tools from the Conference of State Bank Supervisors will help your compliance team review and enhance cybersecurity exam procedures.

08/09/2022 1:15 P.M.

2 minute read

The Conference of State Bank Supervisors (CSBS) has released two new tools for nonbank financial services companies to improve their cybersecurity exam procedures and practices.

The Baseline Nonbank Cybersecurity Exam Program and the Enhanced Nonbank Cybersecurity Exam Program are tools used by state examiners nationwide to assess the cyber preparedness of nonbank entities.

The release of these optional tools provides these institutions the ability to improve their cybersecurity posture and better prepare for cybersecurity exams conducted by state examiners. A multi-state team of cybersecurity examination experts developed these exam procedures and tools, according to a news release from CSBS.

Why it Matters

  • Nonbank institutions can use the examination procedures to self-assess their cyber-preparedness.
  • Compliance officers at nonbank institutions can use the examination procedures to prepare for cybersecurity exams conducted by state field examiners.
  • Release of the exam procedures provides supervisory clarity and additional safeguards to nonbank institutions licensed by state entities.

“Supervisory clarity is essential to increasing industry awareness and making our financial system more resilient to cyber-attacks,” said CSBS Senior Vice President of Nonbank Supervision Chuck Cross. “The Nonbank Cybersecurity Exam Procedures released today provide nonbank institutions additional optional tools to guard against cyberattacks, data breaches or lapses in management oversight in this crucial area.”

In the coming months, CSBS intends to provide additional tools tailored to the needs of smaller nonbank financial institutions.

This release is part of a larger initiative by CSBS and state regulators to equip the industry with the necessary tools to protect the nation’s critical financial infrastructure. CSBS also provides nonbanks with a Ransomware Self-Assessment Tool  and a Cybersecurity 101 Guide for executives.

ACA’s Take:

Reviewing these exam procedures and resources on cybersecurity will help ensure compliance in protecting consumer data and prepare for review by state regulators.

It’s also critical to make sure your cyber liability insurance is current. A cyber liability insurance policy is designed to protect you from lost income and cover defense fees your business may be required to pay as a result of a data breach.

Collectors Insurance Agency (CIA), a subsidiary of ACA International, provides members exclusive access to risk management products and services tailored to each members’ specific needs and is available at [email protected].

Related Content from ACA International:

Cybersecurity Insurance in the ARM Industry: What You Need to Know

If you have executive leadership updates or other member news to share with ACA, contact our communications department at [email protected]. View our publications page for more information and our news submission guidelines here.



Payment Vision



This site uses cookies. By continuing to use our site, you are agreeing to our use of cookies. Review our Privacy Policy for more information. You may change your preferences on how cookies are stored by reviewing the settings on your browser.

The content on this site is presented for educational, general reference, and informational purposes only; is not intended to serve as legal or other advice; is not intended to be a full and exhaustive explanation of the law in any area; and should not replace the advice of your own legal counsel. By continuing to use our site, you are agreeing to the legal disclaimers in our Terms of Use. Review our Terms of Use for more information.

Friendly Reminder

Get continued access to ACA International’s wide array of resources, which can help you become more profitable, compliant and successful.

Renew your membership today to take advantage of tools you won’t find anywhere else:

  • Discounts on seminars, products, services and events
  • Resources to strengthen your compliance department
  • Industry-specific risk management products and services
  • Participation in ACA’s online community, The Hub
    Members-only website content
  • Professional development and training opportunities, and so much more!

If you have completed your renewal, please disregard this reminder.