Y2K Information Security Precautions
December 1, 1999
Circular No. 11211

"Year 2000 Readiness Disclosure"

To the Chief Executive Officers of All State Member Banks, Bank Holding Companies, Edge and Agreement Corporations, and Branches and Agencies of Foreign Banks in the Second Federal Reserve District, and Related Service Providers and Software Vendors:

The Federal Financial Institutions Examination Council (FFIEC) has issued an advisory to financial institutions concerning information security precautions during the century rollover period. The statement serves as a reminder of the FFIEC's previously issued guidance regarding the importance of maintaining an effective security program.

The statement is intended to heighten management's focus on security needs during the rollover period given that financial institutions may be exposed to higher levels of fraudulent and malicious attempts to exploit information systems during the next few months. Hackers may step up their activities at a time when it may be difficult for financial institutions, without adequate safeguards, to detect or distinguish between a routine software or operations problem, a Year 2000-related problem or fraudulent activity.

The FFIEC encourages financial institutions to review and update security programs, where suitable and necessary, to protect financial institutions and customers in late 1999 and early 2000. The advisory provides suggested steps that can be taken in this regard.

A link to the FFIEC advisory is available. Questions may be directed, at this Bank, to Sarah Dahlgren, Senior Vice President, Ira Adler, Bank Supervision Officer, or Joseph Galati, Examining Officer.