News

The U.S. Treasury Department's plan to collect more details about cyberattacks on financial institutions in suspicious activity reports may impose new monitoring requirements on compliance professionals, say sources. Once finalized, the proposal pitched by the department's Financial Crimes Enforcement Network in February would add new data fields to the SAR for banks and other financial institutions to indicate when and where an attack took place, whether the attack targeted the institution, its customers, or both, as well as new fields to disclose any IP addresses associated with the event. While the planned data fields do not technically impose any new...