Latest Compliance News

Fifth Third acted in violation of “reasonable” banking standards by allowing Dolton’s then-mayor to cash $1.9 million in vendor checks without the village clerk’s signature, a lawsuit alleged.

While artificial intelligence is widely used for fraud and scams, fraudsters are getting increasingly frustrated with detection systems used by banks and other organizations to to spot use of the technology, according to a new report on the global state of fraud by LexisNexis. The post Report: Deepfake detection efforts foiling fraudsters appeared first on ABA Banking Journal .

The FDIC and OCC released the market scenarios they will use in their upcoming stress tests for financial institutions. The agencies coordinated with the Federal Reserve to develop the scenarios, with the Fed releasing its scenarios last week. The post FDIC, OCC release stress test scenarios appeared first on ABA Banking Journal .

A bipartisan group of senators introduced legislation to raise the asset threshold under which banks are subject to longer examination cycles. The post Supervisory tailoring bill introduced in Senate appeared first on ABA Banking Journal .

The NCUA Board (Board) is seeking comment on proposed regulations to implement portions of the Guiding and Establishing National Innovation for U.S. Stablecoins Act (GENIUS Act). The GENIUS Act charges the NCUA with licensing, regulating, and supervising payment stablecoin issuers that are subsidiaries of federally insured credit unions (FICU subsidiaries). The GENIUS Act also requires the NCUA to issue implementing regulations by July 18th, 2026. This proposed rule proposes regulations to implement the statutorily required process for approval and licensure of permitted payment stablecoin issuers (PPSIs) subject to the NCUA's jurisdiction. It also proposes regulations limiting FICUs to investing in NCUA-licensed PPSIs. A forthcoming proposal will propose regulations to implement the standards and restrictions imposed by the GENIUS Act on PPSIs.

As the OCC considers revising its chartering rules, the agency should seek to uphold strong safety and soundness standards, increase transparency in the chartering process, and move cautiously as new regulatory frameworks develop, ABA said. The association also called for updated naming rules to ensure charter applicants do not misrepresent the services they intend to offer. The post ABA urges OCC to provide stronger safeguards, clearer rules for charter applicants appeared first on ABA Banking Journal .

The banking agencies announced they are rescinding the FAQs on the Liquidity Coverage Ratio but will leave the documents online for public viewing. The post Banking agencies rescind Liquidity Coverage Ratio rule FAQs appeared first on ABA Banking Journal .

And just what is a mobile home when it comes to flood regulation? The post ABA Regulatory Policy and Compliance Inbox: The intricacies of following up on a SAR filing appeared first on ABA Banking Journal .

For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed to anonymize and secure online communications. I2P users started reporting disruptions in the network around the same time the Kimwolf botmasters began relying on it to evade takedown attempts against the botnet’s control servers. Kimwolf is a botnet that surfaced in late 2025 and quickly infected millions of systems, turning poorly secured IoT devices like TV streaming boxes, digital picture frames and routers into relays for malicious traffic and abnormally large distributed denial-of-service (DDoS) attacks. I2P is a decentralized, privacy-focused network that allows people to communicate and share information anonymously. “It works by routing data through multiple encrypted layers across volunteer-operated nodes, hiding both the sender’s and receiver’s locations,” the I2P website explains . “The result is a secure, censorship-resistant network designed for private websites, messaging, and data sharing.” On February 3, I2P users began complaining on the organization’s GitHub page about tens of thousands of routers suddenly overwhelming the network, preventing existing users from communicating with legitimate nodes. Users reported a rapidly increasing number of new routers joining the network that were unable to transmit data, and that the mass influx of new systems had overwhelmed the network to the point where users could no longer connect. I2P users complaining about service disruptions from a rapidly increasing number of routers suddenly swamping the network. When one I2P user asked whether the network was under attack, another user replied, “Looks like it. My physical router freezes when the number of connections exceeds 60,000.” A graph shared by I2P developers showing a marked drop in successful connections on the I2P network around the time the Kimwolf botnet started trying to use the network for fallback communications. The same day that I2P users began noticing the outages, the individuals in control of Kimwolf posted to their Discord channel that they had accidentally disrupted I2P after attempting to join 700,000 Kimwolf-infected bots as nodes on the network. The Kimwolf botmaster openly discusses what they are doing with the botnet in a Discord channel with my name on it. Although Kimwolf is known as a potent weapon for launching DDoS attacks, the outages caused this week by some portion of the botnet attempting to join I2P are what’s known as a “ Sybil attack ,” a threat in peer-to-peer networks where a single entity can disrupt the system by creating, controlling, and operating a large number of fake, pseudonymous identities. Indeed, the number of Kimwolf-infected routers that tried to join I2P this past week was many times the network’s normal size. I2P’s Wikipedia page says the network consists of roughly 55,000 computers distributed throughout the world, with each participant acting as both a router (to relay traffic) and a client. However, Lance James , founder of the New York City based cybersecurity consultancy Unit 221B and the original founder of I2P, told KrebsOnSecurity the entire I2P network now consists of between 15,000 and 20,000 devices on any given day. An I2P user posted this graph on Feb. 10, showing tens of thousands of routers — mostly from the United States — suddenly attempting to join the network. Benjamin Brundage is founder of Synthient , a startup that tracks proxy services and was the first to document Kimwolf’s unique spreading techniques . Brundage said the Kimwolf operator(s) have been trying to build a command and control network that can’t easily be taken down by security companies and network operators that are working together to combat the spread of the botnet. Brundage said the people in control of Kimwolf have been experimenting with using I2P and a similar anonymity network — Tor — as a backup command and control network, although there have been no reports of widespread disruptions in the Tor network recently. “I don’t think their goal is to take I2P down,” he said. “It’s more they’re looking for an alternative to keep the botnet stable in the face of takedown attempts.” The Kimwolf botnet created challenges for Cloudflare late last year when it began instructing millions of infected devices to use Cloudflare’s domain name system (DNS) settings, causing control domains associated with Kimwolf to repeatedly usurp Amazon ,  Apple ,  Google  and  Microsoft in Cloudflare’s public ranking of the most frequently requested websites. James said the I2P network is still operating at about half of its normal capacity, and that a new release is rolling out which should bring some stability improvements over the next week for users. Meanwhile, Brundage said the good news is Kimwolf’s overlords appear to have quite recently alienated some of their more competent developers and operators, leading to a rookie mistake this past week that caused the botnet’s overall numbers to drop by more than 600,000 infected systems. “It seems like they’re just testing stuff, like running experiments in production,” he said. “But the botnet’s numbers are dropping significantly now, and they don’t seem to know what they’re doing.”

A former bank employee, hired by an unnamed Cleveland-based bank and then Charles Schwab to help protect customers from fraud, faces up to 30 years in prison.

The NCUA Board proposes to rescind its Interpretative Ruling and Policy Statement 06-1 (IRPS 06-1). Rescinding IRPS 06-1 would ease the compliance burden on Federal credit unions (FCUs) by limiting the number of sources that FCUs must check to ensure compliance with applicable chartering and field of membership (FOM) requirements.

The NCUA Board (Board) proposes to amend its regulations governing the voluntary termination of federal share insurance to streamline member communication requirements. This action is necessary to reduce regulatory burden by eliminating overly prescriptive formatting rules for the mandatory disclosure statement that credit unions must provide to members. The intended effect is to simplify compliance and provide credit unions with greater flexibility in designing effective communications, while still ensuring that members receive clear and prominent notice of a proposed termination of federal insurance.

The NCUA Board (Board) is proposing to amend its regulations governing the conversion of insured credit unions into banks. The NCUA Board proposes to eliminate certain prescriptive procedural, disclosure, and communication requirements. This action reduces unnecessary regulatory burdens and provides credit union boards of directors with greater flexibility to exercise their business judgment. The intended effect of these changes is to simplify compliance for credit unions, reduce administrative costs, and modernize the conversion process, while ensuring members receive clear and effective disclosures.

A federal court in Illinois partially upheld a first-of-its-kind state law restricting interchange fees for debit and credit card payments, striking down only the portion of the law that restricts the sharing of certain data obtained in transactions. ABA and the other plaintiffs plan to appeal the decision. The post Federal court partially upholds Illinois interchange fee law appeared first on ABA Banking Journal .

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six “zero-day” vulnerabilities that attackers are already exploiting in the wild. Zero-day #1 this month is CVE-2026-21510 , a security feature bypass vulnerability in Windows Shell wherein a single click on a malicious link can quietly bypass Windows protections and run attacker-controlled content without warning or consent dialogs. CVE-2026-21510 affects all currently supported versions of Windows. The zero-day flaw  CVE-2026-21513 is a security bypass bug targeting MSHTML , the proprietary engine of the default Web browser in Windows. CVE-2026-21514 is a related security feature bypass in Microsoft Word. The zero-day CVE-2026-21533 allows local attackers to elevate their user privileges to “SYSTEM” level access in Windows Remote Desktop Services . CVE-2026-21519 is a zero-day elevation of privilege flaw in the Desktop Window Manager (DWM), a key component of Windows that organizes windows on a user’s screen. Microsoft fixed a different zero-day in DWM just last month . The sixth zero-day is CVE-2026-21525 , a potentially disruptive denial-of-service vulnerability in the Windows Remote Access Connection Manager , the service responsible for maintaining VPN connections to corporate networks. Chris Goettl at Ivanti reminds us Microsoft has issued several out-of-band security updates since January’s Patch Tuesday. On January 17, Microsoft pushed a fix that resolved a credential prompt failure when attempting remote desktop or remote application connections. On January 26, Microsoft patched a zero-day security feature bypass vulnerability ( CVE-2026-21509 ) in Microsoft Office . Kev Breen at Immersive notes that this month’s Patch Tuesday includes several fixes for remote code execution vulnerabilities affecting GitHub Copilot and multiple integrated development environments (IDEs), including VS Code , Visual Studio , and JetBrains products. The relevant CVEs are CVE-2026-21516 , CVE-2026-21523 , and CVE-2026-21256 . Breen said the AI vulnerabilities Microsoft patched this month stem from a command injection flaw that can be triggered through prompt injection, or tricking the AI agent into doing something it shouldn’t — like executing malicious code or commands. “Developers are high-value targets for threat actors, as they often have access to sensitive data such as API keys and secrets that function as keys to critical infrastructure, including privileged AWS or Azure API keys,” Breen said. “When organizations enable developers and automation pipelines to use LLMs and agentic AI, a malicious prompt can have significant impact. This does not mean organizations should stop using AI. It does mean developers should understand the risks, teams should clearly identify which systems and workflows have access to AI agents, and least-privilege principles should be applied to limit the blast radius if developer secrets are compromised.” The  SANS Internet Storm Center  has a  clickable breakdown of each individual fix this month from Microsoft, indexed by severity and CVSS score. Enterprise Windows admins involved in testing patches before rolling them out should keep an eye on askwoody.com , which often has the skinny on wonky updates. Please don’t neglect to back up your data if it has been a while since you’ve done that, and feel free to sound off in the comments if you experience problems installing any of these fixes.

Nearly 200 Democratic and independent members of Congress this week filed an amicus brief urging the courts to halt what they said is the Trump administration’s attempt to dismantle the CFPB. The post Democrats urge courts to stop efforts to ‘dismantle’ CFPB appeared first on ABA Banking Journal .

FHFA has repealed a 2024 final rule that codified many of its existing practices and programs regarding fair housing and fair lending oversight of Fannie Mae, Freddie Mac and the Federal Home Loan Banks. The post FHFA finalizes repeal of fair lending rule appeared first on ABA Banking Journal .

Two reports released Monday explored the scope of the CFPB’s downsizing in the last 12 months. A second one, by Senate Democrats, said the changes have cost consumers $19 billion.