Agencies Issue Joint Statement on Handling of Highly Sensitive Information During Examinations

On July 16, 2026, the FDIC, Federal Reserve, and OCC issued a joint statement detailing enhanced security procedures for reviewing highly sensitive information during bank examinations. These new protocols include reviewing such materials on-site to minimize cybersecurity risks rather than transferring them onto agency systems.

The joint statement outlines a coordinated approach for the identification of highly sensitive documents and data, establishing enhanced protocols for reviewing such materials to mitigate cybersecurity threats. These procedures are designed to provide the agencies with continuous access throughout the examination process while safeguarding bank confidentiality. 

Acknowledging the critical nature of protecting nonpublic information from unauthorized access or disclosure via cyber vulnerabilities, the agencies have pledged to notify impacted institutions of any material data breach involving confidential supervisory information. Such notification will be provided as soon as practicable, and within 72 hours of discovery, barring any legal constraints.

The FDIC’s press release can be found here.

The full joint statement can be found here.

ON SALE: Adverse Action Requirements

Vought Calls for Enhanced CFPB Oversight