The Cybersecurity Rule establishes minimum standards for financial institutions to enhance their cybersecurity risk management programs, including requirements for incident response, risk assessments, and vendor management, to protect sensitive customer information and maintain the integrity of the financial system (FDIC, 2022). The rule was updated and became effective in 2023, emphasizing proactive measures against evolving cyber threats (FFIEC, 2023). The rule requires ongoing risk assessments, implementation of controls to protect systems and information, and mandatory reporting of cybersecurity incidents to regulators. It also addresses the unique challenges posed by third-party service providers, requiring financial institutions to conduct thorough due diligence on their vendors and implement robust vendor management programs to ensure the security of their supply chains. Training programs for cybersecurity are also included.

The Fair Lending Enforcement policy focuses on preventing discrimination in lending practices based on race, color, religion, national origin, sex, marital status, or age (Equal Credit Opportunity Act, 1974; Fair Housing Act, 1968). Government agencies, such as the Department of Justice and the Consumer Financial Protection Bureau (CFPB), actively monitor and enforce these laws to ensure equal access to credit and housing opportunities for all individuals. This includes investigating and prosecuting cases of redlining, disparate treatment, and other forms of lending discrimination to promote fairness and inclusivity in the financial marketplace. The policy ensures financial institutions do not discriminate.

Anti-Money Laundering (AML) regulations require financial institutions to implement comprehensive programs to detect and prevent money laundering and terrorist financing (Bank Secrecy Act, 1970; USA PATRIOT Act, 2001). These programs include establishing internal controls, conducting customer due diligence, monitoring transactions for suspicious activity, and reporting suspicious transactions to the Financial Crimes Enforcement Network (FinCEN). Financial institutions must also comply with Know Your Customer (KYC) requirements, which involve verifying the identity of customers and understanding the nature and purpose of their accounts to mitigate the risk of illicit financial activities. Ongoing training and independent testing of AML programs are essential to ensure their effectiveness and compliance with regulatory requirements. The goal is to prevent money laundering, terrorist financing and other illicit activities.