Compliance

Reports show banks and the agencies that regulate them are both very vulnerable to fast-moving cyber attackers exploiting loopholes in computer systems.

Verizon's 2026 Data Breach Investigations Report finds attackers now break in most often through unpatched software and third-party vendors, not stolen passwords.

The eurozone's top bank supervisor is the latest to act on artificial intelligence's impact on cyber risk, even as U.S. regulators set no formal expectations.

Regulators pushed banks toward multifactor authentication. A new phishing-as-a-service kit, flagged by the FBI, is built to slip right past it.

Tokenization is being adopted from within the system, not alongside it. It's improving how markets operate by making settlements faster, increasing their mobility, boosting transparency and expanding access.

JPMorgan, Mozilla, Palo Alto and other Glasswing partners have new latitude as Anthropic loosens disclosure rules under congressional pressure.

Columbia caught the attacker still inside its systems on Dec. 19, three days before the access window closed, then took four months to notify customers.

The payment company will waive transaction fees totaling about $30 million for veteran-owned, farming, manufacturing or technology-based small businesses following an investigation into a 6-year-old former investment program designed for Black and minority-owned small businesses.

Three senior officials say attackers will eventually breach bank defenses, and supervisors should plan for it — while U.S. regulators stay nearly silent.

With regulatory scrutiny on the rise, banks are putting payment collaborations under the microscope.