This site uses cookies to improve your browsing experience, gather site analytics and activity, track shopping cart contents, and deliver relevant marketing information.
View our privacy policy and manage your settings here. By using our site you agree to these terms.

Financial Services Sector Cybersecurity Profile


 Financial Services Sector Cybersecurity Profile and Supporting Documents


An industry-developed cybersecurity profile to enhance and simplify your risk assessment​

The banking industry saw a need for a more harmonized approach to cybersecurity that supports strong oversight while conserving talent and resources, and ensuring safety and soundness. The Financial Services Sector Cybersecurity Profile acts as a shared baseline for examination across federal regulators—in a way that makes the most sense for the individual institution.

Tailored to the size and scope of your bank, this new tool delivers meaningful results to help you measure the potential effects of a cyber event at your institution. By using a questionnaire to identify your specific risk and complexity, the assessment offers each institution a focused, customized cybersecurity plan that conserves resources and employee time.

Key Benefits:

  • developed by the Financial Services Sector Coordinating Council (global, regional, midsize and community banks, along with representatives from other key agencies)
  • designed to deploy resources more effectively
  • reduces time spent on reconciling exam issues
  • integrates widely used standards and supervisory expectations
  • compliments the NIST cybersecurity framework


On August 28, 2018, Josh Magri of BPI-BITS, Denyette DePierro of ABA, and Nadya Bartol of BCG-Platinion presented on the development of the Financial Services Sector Cybersecurity Profile.

Maintenance Going Forward

The Financial Sector Coordinating Council (FSSCC), the trade associations, financial institutions, and other Profile development stakeholders recognize that future maintenance of the Profile is essential for its ultimate success. Numerous trade associations and financial institutions involved in the Profile’s development are forming a sustained coalition to manage Profile update activities and to educate and engage jurisdictions around the world on its benefits and usage. Interested parties will continue committing resources, such as their own subject matter experts and expertise, full time personnel, and funds for external experts and advisors.

This coalition has also committed to a 2-3-year update cycle to iterate a new, full version similar to the cycles used by other standards bodies, such as the National Institute of Standards and Technology (NIST) and International Standards Organization (ISO) for a full version. The coalition has also committed to more flexible update timeframes to include additional global supervisory expectations as well as any newly issued supervisory expectations. More details will follow in the coming weeks.

​For further information, contact:

Josh Magri
Senior Vice President, Counsel for Regulation & Developing Technology
Bank Policy Institute (BPI) – BITS
Denyette DePierro
Vice President & Senior Counsel
Center for Payments and Cybersecurity
American Bankers Association