Banking Dive
Feb 13, 2026
Enforcement
Fifth Third Bank allegedly violated banking standards by allowing the then-mayor of Dolton to cash vendor checks without proper signatures; this could set a precedent for compliance and signature requirements.
Fifth Third acted in violation of “reasonable” banking standards by allowing Dolton’s then-mayor to cash $1.9 million in vendor checks without the village clerk’s signature, a lawsuit alleged.
CISA Alerts
Feb 13, 2026
Guidance
CISA will host town halls on cyber incident reporting for critical infrastructure; relevant for Texas credit unions due to potential impact on cybersecurity practices.
ABA Banking Journal
Feb 12, 2026
Security
Fraudsters are becoming increasingly frustrated with deepfake detection systems; these systems are effectively preventing fraudulent activities. The article discusses the growing use of AI in fraud and scams, highlighting that despite advancements, fraudsters are finding it harder to bypass detection mechanisms.
While artificial intelligence is widely used for fraud and scams, fraudsters are getting increasingly frustrated with detection systems used by banks and other organizations to to spot use of the technology, according to a new report on the global state of fraud by LexisNexis. The post Report: Deepfake detection efforts foiling fraudsters appeared first on ABA Banking Journal .
ABA Banking Journal
Feb 12, 2026
Security
The FDIC and OCC released stress test scenarios for financial institutions in coordination with the Federal Reserve. These scenarios will be used in upcoming stress tests.
The FDIC and OCC released the market scenarios they will use in their upcoming stress tests for financial institutions. The agencies coordinated with the Federal Reserve to develop the scenarios, with the Fed releasing its scenarios last week. The post FDIC, OCC release stress test scenarios appeared first on ABA Banking Journal .
ABA Banking Journal
Feb 12, 2026
Proposals
The bill aims to raise the asset threshold for banks subject to longer examination cycles; it is a bipartisan effort in the Senate. The article does not provide specific details on how this might impact credit unions.
A bipartisan group of senators introduced legislation to raise the asset threshold under which banks are subject to longer examination cycles. The post Supervisory tailoring bill introduced in Senate appeared first on ABA Banking Journal .
NEW
OCC News Releases
Feb 12, 2026
Guidance
- OCC released stress test scenarios for 2026.
- These scenarios will be used in upcoming stress tests for covered institutions.
The Office of the Comptroller of the Currency (OCC) released economic and financial market scenarios for use in the upcoming stress tests for covered institutions.
NEW
FDIC Press Releases
Feb 12, 2026
Guidance
• The FDIC has released economic scenarios for 2026 stress testing for covered institutions with total consolidated assets of more than $250 billion.
• These scenarios include baseline and severely adverse scenarios, each covering 28 variables such as GDP, unemployment rate, stock market prices, and interest rates.
PRESS RELEASE | FEBRUARY 12, 2026 FDIC Releases Economic Scenarios for 2026 Stress Testing WASHINGTON – The Federal Deposit Insurance Corporation (FDIC) today released the hypothetical economic scenarios for use in the upcoming stress tests for covered institutions with total consolidated assets of more than $250 billion. The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 requires certain financial companies, including certain state nonmember banks and state savings associations, to conduct stress tests. In 2018, Congress increased the size of what is considered a covered institution from $10 billion to $250 billion. The supervisory scenarios include baseline and severely adverse scenarios. The baseline scenario is in line with a survey of private sector economic forecasters. The severely adverse scenario is not a forecast, rather, it is a hypothetical scenario designed to assess the strength and resilience of financial institutions. Each scenario includes 28 variables—such as gross domestic product, the unemployment rate, stock market prices, and interest rates—covering domestic and international economic activity. The FDIC coordinated with the Board of Governors of the Federal Reserve System and the Office of the Comptroller of the Currency in developing and distributing these scenarios. ATTACHMENTS: Stress Test Scenarios # # # MEDIA CONTACT:
[email protected] The FDIC does not send unsolicited email. If this publication has reached you in error, or if you no longer wish to receive this service, please unsubscribe . CONNECT WITH US
NEW
Federal Register - OCC
Feb 12, 2026
Proposals
• The OCC invites comments on the renewal of an information collection related to proprietary trading and certain interests in covered funds.
• Respondents must provide a currently valid OMB control number as required by the Paperwork Reduction Act of 1995.
The OCC, as part of its continuing effort to reduce paperwork and respondent burden, invites comment on a continuing information collection, as required by the Paperwork Reduction Act of 1995 (PRA). In accordance with the requirements of the PRA, the OCC may not conduct or sponsor, and the respondent is not required to respond to, an information collection unless it displays a currently valid Office of Management and Budget (OMB) control number. The OCC is soliciting comment concerning the renewal of its information collection titled, "Reporting, Recordkeeping, and Disclosure Requirements Associated with Proprietary Trading and Certain Interests in and Relationships with Covered Funds."
Federal Register - Credit Unions
Feb 12, 2026
Proposals
The NCUA Board is seeking comment on proposed regulations for licensing and supervising payment stablecoin issuers. FICUs are limited to investing in NCUA-licensed PPSIs, with a forthcoming proposal addressing standards and restrictions on PPSIs.
The NCUA Board (Board) is seeking comment on proposed regulations to implement portions of the Guiding and Establishing National Innovation for U.S. Stablecoins Act (GENIUS Act). The GENIUS Act charges the NCUA with licensing, regulating, and supervising payment stablecoin issuers that are subsidiaries of federally insured credit unions (FICU subsidiaries). The GENIUS Act also requires the NCUA to issue implementing regulations by July 18th, 2026. This proposed rule proposes regulations to implement the statutorily required process for approval and licensure of permitted payment stablecoin issuers (PPSIs) subject to the NCUA's jurisdiction. It also proposes regulations limiting FICUs to investing in NCUA-licensed PPSIs. A forthcoming proposal will propose regulations to implement the standards and restrictions imposed by the GENIUS Act on PPSIs.
ABA Banking Journal
Feb 11, 2026
ABA recommends the OCC maintain strong safety and soundness standards, increase transparency in the chartering process, and update naming rules. The association calls for cautious development of new regulatory frameworks.
As the OCC considers revising its chartering rules, the agency should seek to uphold strong safety and soundness standards, increase transparency in the chartering process, and move cautiously as new regulatory frameworks develop, ABA said. The association also called for updated naming rules to ensure charter applicants do not misrepresent the services they intend to offer. The post ABA urges OCC to provide stronger safeguards, clearer rules for charter applicants appeared first on ABA Banking Journal .
ABA Banking Journal
Feb 11, 2026
Guidance
• The banking agencies have rescinded the FAQs on the Liquidity Coverage Ratio.
• The documents will remain available for public viewing.
The banking agencies announced they are rescinding the FAQs on the Liquidity Coverage Ratio but will leave the documents online for public viewing. The post Banking agencies rescind Liquidity Coverage Ratio rule FAQs appeared first on ABA Banking Journal .
ABA Banking Journal
Feb 11, 2026
Guidance
The article discusses the complexities of following up on a Suspicious Activity Report (SAR) filing. It highlights the need for thorough and timely responses to regulatory inquiries.
And just what is a mobile home when it comes to flood regulation? The post ABA Regulatory Policy and Compliance Inbox: The intricacies of following up on a SAR filing appeared first on ABA Banking Journal .
Krebs on Security
Feb 11, 2026
Security
- Kimwolf botnet disrupted the I2P network by overwhelming it with infected routers.
- The disruption was caused by a Sybil attack, where the botnet tried to join 700,000 nodes on I2P.
- I2P is a decentralized, privacy-focused communications network.
For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed to anonymize and secure online communications. I2P users started reporting disruptions in the network around the same time the Kimwolf botmasters began relying on it to evade takedown attempts against the botnet’s control servers. Kimwolf is a botnet that surfaced in late 2025 and quickly infected millions of systems, turning poorly secured IoT devices like TV streaming boxes, digital picture frames and routers into relays for malicious traffic and abnormally large distributed denial-of-service (DDoS) attacks. I2P is a decentralized, privacy-focused network that allows people to communicate and share information anonymously. “It works by routing data through multiple encrypted layers across volunteer-operated nodes, hiding both the sender’s and receiver’s locations,” the I2P website explains . “The result is a secure, censorship-resistant network designed for private websites, messaging, and data sharing.” On February 3, I2P users began complaining on the organization’s GitHub page about tens of thousands of routers suddenly overwhelming the network, preventing existing users from communicating with legitimate nodes. Users reported a rapidly increasing number of new routers joining the network that were unable to transmit data, and that the mass influx of new systems had overwhelmed the network to the point where users could no longer connect. I2P users complaining about service disruptions from a rapidly increasing number of routers suddenly swamping the network. When one I2P user asked whether the network was under attack, another user replied, “Looks like it. My physical router freezes when the number of connections exceeds 60,000.” A graph shared by I2P developers showing a marked drop in successful connections on the I2P network around the time the Kimwolf botnet started trying to use the network for fallback communications. The same day that I2P users began noticing the outages, the individuals in control of Kimwolf posted to their Discord channel that they had accidentally disrupted I2P after attempting to join 700,000 Kimwolf-infected bots as nodes on the network. The Kimwolf botmaster openly discusses what they are doing with the botnet in a Discord channel with my name on it. Although Kimwolf is known as a potent weapon for launching DDoS attacks, the outages caused this week by some portion of the botnet attempting to join I2P are what’s known as a “ Sybil attack ,” a threat in peer-to-peer networks where a single entity can disrupt the system by creating, controlling, and operating a large number of fake, pseudonymous identities. Indeed, the number of Kimwolf-infected routers that tried to join I2P this past week was many times the network’s normal size. I2P’s Wikipedia page says the network consists of roughly 55,000 computers distributed throughout the world, with each participant acting as both a router (to relay traffic) and a client. However, Lance James , founder of the New York City based cybersecurity consultancy Unit 221B and the original founder of I2P, told KrebsOnSecurity the entire I2P network now consists of between 15,000 and 20,000 devices on any given day. An I2P user posted this graph on Feb. 10, showing tens of thousands of routers — mostly from the United States — suddenly attempting to join the network. Benjamin Brundage is founder of Synthient , a startup that tracks proxy services and was the first to document Kimwolf’s unique spreading techniques . Brundage said the Kimwolf operator(s) have been trying to build a command and control network that can’t easily be taken down by security companies and network operators that are working together to combat the spread of the botnet. Brundage said the people in control of Kimwolf have been experimenting with using I2P and a similar anonymity network — Tor — as a backup command and control network, although there have been no reports of widespread disruptions in the Tor network recently. “I don’t think their goal is to take I2P down,” he said. “It’s more they’re looking for an alternative to keep the botnet stable in the face of takedown attempts.” The Kimwolf botnet created challenges for Cloudflare late last year when it began instructing millions of infected devices to use Cloudflare’s domain name system (DNS) settings, causing control domains associated with Kimwolf to repeatedly usurp Amazon , Apple , Google and Microsoft in Cloudflare’s public ranking of the most frequently requested websites. James said the I2P network is still operating at about half of its normal capacity, and that a new release is rolling out which should bring some stability improvements over the next week for users. Meanwhile, Brundage said the good news is Kimwolf’s overlords appear to have quite recently alienated some of their more competent developers and operators, leading to a rookie mistake this past week that caused the botnet’s overall numbers to drop by more than 600,000 infected systems. “It seems like they’re just testing stuff, like running experiments in production,” he said. “But the botnet’s numbers are dropping significantly now, and they don’t seem to know what they’re doing.”
Banking Dive
Feb 11, 2026
Enforcement
- A former bank employee faces up to 30 years in prison for fraud and ID theft.
- The employee was hired by an unnamed Cleveland-based bank and then Charles Schwab.
A former bank employee, hired by an unnamed Cleveland-based bank and then Charles Schwab to help protect customers from fraud, faces up to 30 years in prison.
CISA Alerts
Feb 11, 2026
Security
CISA emphasizes the importance of security and resilience in critical infrastructure; highlights ongoing initiatives to enhance cybersecurity measures.
NEW
Federal Register - FDIC
Feb 11, 2026
Proposals
- The FDIC proposed a rule requiring approval for issuing payment stablecoins through a subsidiary by FDIC-supervised institutions.
- The comment period has been extended until May 18, 2026.
On December 19, 2025, the Federal Deposit Insurance Corporation (FDIC) published in the Federal Register a notice of proposed rulemaking that would establish procedures to be followed by an insured State nonmember bank or State savings association (each, an FDIC-supervised institution) that seeks to obtain FDIC approval to issue payment stablecoins through a subsidiary pursuant to the Guiding and Establishing National Innovation for U.S. Stablecoins Act (GENIUS Act). The proposed rule provided for a 60-day comment period, which will close on February 17, 2026. The FDIC has determined that an extension of the comment period until May 18, 2026, is appropriate. This action will allow interested parties additional time to analyze the proposal and prepare comments.
Federal Register - Credit Unions
Feb 11, 2026
Proposals
• NCUA proposes to rescind IRPS 06-1, which would reduce the number of sources FCUs need to check for chartering and FOM compliance.
• This change aims to ease compliance burdens on Federal credit unions.
The NCUA Board proposes to rescind its Interpretative Ruling and Policy Statement 06-1 (IRPS 06-1). Rescinding IRPS 06-1 would ease the compliance burden on Federal credit unions (FCUs) by limiting the number of sources that FCUs must check to ensure compliance with applicable chartering and field of membership (FOM) requirements.
Federal Register - Credit Unions
Feb 11, 2026
Proposals
- NCUA proposes to amend regulations on voluntary termination of federal share insurance to simplify member communication requirements.
- The goal is to reduce regulatory burden by providing more flexibility in how credit unions communicate with members.
The NCUA Board (Board) proposes to amend its regulations governing the voluntary termination of federal share insurance to streamline member communication requirements. This action is necessary to reduce regulatory burden by eliminating overly prescriptive formatting rules for the mandatory disclosure statement that credit unions must provide to members. The intended effect is to simplify compliance and provide credit unions with greater flexibility in designing effective communications, while still ensuring that members receive clear and prominent notice of a proposed termination of federal insurance.
Federal Register - Credit Unions
Feb 11, 2026
Proposals
The NCUA Board proposes to eliminate certain prescriptive procedural, disclosure, and communication requirements for converting insured credit unions into banks. This change aims to simplify compliance, reduce administrative costs, and modernize the conversion process while ensuring clear disclosures.
The NCUA Board (Board) is proposing to amend its regulations governing the conversion of insured credit unions into banks. The NCUA Board proposes to eliminate certain prescriptive procedural, disclosure, and communication requirements. This action reduces unnecessary regulatory burdens and provides credit union boards of directors with greater flexibility to exercise their business judgment. The intended effect of these changes is to simplify compliance for credit unions, reduce administrative costs, and modernize the conversion process, while ensuring members receive clear and effective disclosures.
ABA Banking Journal
Feb 10, 2026
Enforcement
- Federal court partially upheld an Illinois law on interchange fees for debit and credit card payments.
- The decision struck down the portion of the law that restricts the sharing of transaction data.
A federal court in Illinois partially upheld a first-of-its-kind state law restricting interchange fees for debit and credit card payments, striking down only the portion of the law that restricts the sharing of certain data obtained in transactions. ABA and the other plaintiffs plan to appeal the decision. The post Federal court partially upholds Illinois interchange fee law appeared first on ABA Banking Journal .
Krebs on Security
Feb 10, 2026
Security
Microsoft released critical updates for Windows operating systems and other software, addressing six zero-day vulnerabilities. These include security feature bypasses in various components like Windows Shell, MSHTML, Microsoft Word, Remote Desktop Services, DWM, and a denial-of-service vulnerability in the Windows Remote Access Connection Manager.
Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six “zero-day” vulnerabilities that attackers are already exploiting in the wild. Zero-day #1 this month is CVE-2026-21510 , a security feature bypass vulnerability in Windows Shell wherein a single click on a malicious link can quietly bypass Windows protections and run attacker-controlled content without warning or consent dialogs. CVE-2026-21510 affects all currently supported versions of Windows. The zero-day flaw CVE-2026-21513 is a security bypass bug targeting MSHTML , the proprietary engine of the default Web browser in Windows. CVE-2026-21514 is a related security feature bypass in Microsoft Word. The zero-day CVE-2026-21533 allows local attackers to elevate their user privileges to “SYSTEM” level access in Windows Remote Desktop Services . CVE-2026-21519 is a zero-day elevation of privilege flaw in the Desktop Window Manager (DWM), a key component of Windows that organizes windows on a user’s screen. Microsoft fixed a different zero-day in DWM just last month . The sixth zero-day is CVE-2026-21525 , a potentially disruptive denial-of-service vulnerability in the Windows Remote Access Connection Manager , the service responsible for maintaining VPN connections to corporate networks. Chris Goettl at Ivanti reminds us Microsoft has issued several out-of-band security updates since January’s Patch Tuesday. On January 17, Microsoft pushed a fix that resolved a credential prompt failure when attempting remote desktop or remote application connections. On January 26, Microsoft patched a zero-day security feature bypass vulnerability ( CVE-2026-21509 ) in Microsoft Office . Kev Breen at Immersive notes that this month’s Patch Tuesday includes several fixes for remote code execution vulnerabilities affecting GitHub Copilot and multiple integrated development environments (IDEs), including VS Code , Visual Studio , and JetBrains products. The relevant CVEs are CVE-2026-21516 , CVE-2026-21523 , and CVE-2026-21256 . Breen said the AI vulnerabilities Microsoft patched this month stem from a command injection flaw that can be triggered through prompt injection, or tricking the AI agent into doing something it shouldn’t — like executing malicious code or commands. “Developers are high-value targets for threat actors, as they often have access to sensitive data such as API keys and secrets that function as keys to critical infrastructure, including privileged AWS or Azure API keys,” Breen said. “When organizations enable developers and automation pipelines to use LLMs and agentic AI, a malicious prompt can have significant impact. This does not mean organizations should stop using AI. It does mean developers should understand the risks, teams should clearly identify which systems and workflows have access to AI agents, and least-privilege principles should be applied to limit the blast radius if developer secrets are compromised.” The SANS Internet Storm Center has a clickable breakdown of each individual fix this month from Microsoft, indexed by severity and CVSS score. Enterprise Windows admins involved in testing patches before rolling them out should keep an eye on askwoody.com , which often has the skinny on wonky updates. Please don’t neglect to back up your data if it has been a while since you’ve done that, and feel free to sound off in the comments if you experience problems installing any of these fixes.
ABA Banking Journal
Feb 10, 2026
Democratic lawmakers urge courts to prevent the Trump administration from dismantling the CFPB; this action aims to preserve the bureau's independence and enforcement powers.
Nearly 200 Democratic and independent members of Congress this week filed an amicus brief urging the courts to halt what they said is the Trump administration’s attempt to dismantle the CFPB. The post Democrats urge courts to stop efforts to ‘dismantle’ CFPB appeared first on ABA Banking Journal .
ABA Banking Journal
Feb 10, 2026
Rules
• FHFA has repealed a 2024 final rule that codified fair housing and fair lending oversight practices for Fannie Mae, Freddie Mac, and the Federal Home Loan Banks.
• This repeal may impact how these institutions approach compliance with fair lending regulations.
FHFA has repealed a 2024 final rule that codified many of its existing practices and programs regarding fair housing and fair lending oversight of Fannie Mae, Freddie Mac and the Federal Home Loan Banks. The post FHFA finalizes repeal of fair lending rule appeared first on ABA Banking Journal .
Banking Dive
Feb 10, 2026
• The CFPB has downsized in the last 12 months, impacting consumers financially.
• A Senate Democratic report estimates the changes have cost consumers $19 billion.
Two reports released Monday explored the scope of the CFPB’s downsizing in the last 12 months. A second one, by Senate Democrats, said the changes have cost consumers $19 billion.
CISA Alerts
Feb 10, 2026
Guidance
CISA has released a guide aimed at helping critical infrastructure users, including credit unions, implement more secure communication practices. The document provides best practices and recommendations for enhancing cybersecurity measures.