North Dakota Bankers
Extraordinary Leadership for North Dakota Banks

FHA Extends Deadline for Lenders to Report Cybersecurity Incidents

FHA Extends Deadline for Lenders to Report Cybersecurity Incidents

Posted: Dec 04 2024
The Federal Housing Administration has announced that FHA-approved lenders will have 36 hours to report a cybersecurity incident to the Department of Housing and Urban Development instead of 12 hours, as was originally proposed.
 
FHA in May issued a mortgagee letter announcing that lenders had 12 hours to report a significant cyber incident after determining one had occurred. A reportable incident is defined as one that actually or potentially jeopardizes the confidentiality, integrity or availability of information within a lender’s systems, or affects the ability of the lender to meet its obligations under applicable FHA program requirements.
 
In a mortgagee letter the FHA pushed back the deadline for reporting cyber incidents to 36 hours, although it emphasized that lenders should report incidents as soon as possible. Lenders must provide information such as the date and cause of the incident and how it affects personally identifiable information in their systems.
 
To read more, visit: https://www.hud.gov/sites/dfiles/OCHCO/documents/2024-23hsgml.pdf
 

Designed and developed by Odney