On May 23, 2024, HUD issued a letter to announce that FHA-approved mortgagees are required to notify HUD when a “Cyber Incident” occurs. Specifically, FHA-approved mortgagees are to report cyber incidents to HUD within 12 hours of detection.

A Cyber Incident would be any unauthorized event that could harm information or computer systems, breaching security rules, and affecting a mortgagee’s ability to meet FHA program requirements. These include actions that threaten data confidentiality, integrity, or availability, potentially disrupting mortgage operations. Mortgagees shall report all suspected Cyber Incidents to HUD's FHA Resource Center and Security Operations Center within 12 hours of detection.

The new requirement is effective immediately and applies to all FHA insurance programs.

The Mortgagee Letter can be found here.

Adam Witmer

Adam Witmer is a speaker, author, and founder of the Compliance Cohort. Adam has taught hundreds of seminars and training sessions to thousands of bankers throughout the United States and teaches on all areas of regulatory compliance. Adam has written five e-books that he never published, hit a grizzly bear while driving in a National Park, and is an award winning photographer and musician (though he no longer takes photos nor plays any instruments). In his spare time, Adam can be found kayaking on the lake, doing taekwondo with his kids, working on his (project) house, or spending time with his family.

Website

Become a Free Member