OMB control number

Computer-Security Incident Notification

OMB 1557-0350 · TREAS/OCC.

OMB 1557-0350

The reporting requirement requires a banking organization to notify its primary federal bank regulatory agency of the occurrence of a “notification incident” at the banking organization. The disclosure requirement requires a bank service provider to notify at least two individuals at affected banking organization customers immediately after it experiences a computer-security incident that it believes in good faith could disrupt, degrade, or impair services provided subject to the Bank Service Company Act for four or more hours.

The latest form for Computer-Security Incident Notification expires 2028-05-31 and can be found here.

Latest Forms, Documents, and Supporting Material

Document Name
1557-0350 30-Day FR Notice for Computer Security Incident Notification (Part 53) (90 FR 8735).pdf Supplementary Document
1557-0350 60-Day FR Notice for Computer Security Incident Notification (Part 53) (89 FR 93827).pdf Supplementary Document
1557-0350 Supporting Statement - Computer Security Incident.docx Supporting Statement A
Disclosure
Reporting

All Historical Document Collections

202501-1557-001	Extension without change of a currently approved collection	2025-01-31
202110-1557-001 Approved without change	New collection (Request for a new OMB Control Number)	2021-11-23
202103-1557-008 Comment filed on proposed rule	New collection (Request for a new OMB Control Number)	2021-03-29

OMB Details

Reporting

Federal Enterprise Architecture: Economic Development - Financial Sector Oversight