There is currently no specific time frame during which banks must report to federal regulators that a security incident had occurred. A new notification rules changes that to 36 hours.
Go to Source
Author: Dark Reading Staff, Dark Reading
US Banks Will Be Required to Report Cyberattacks Within 36 Hours
November 19, 2021
