The Bankers Electronic Crimes Taskforce, state financial regulators, and the United States Secret Service collaborated to develop this tool to help financial institutions periodically assess their efforts to mitigate risks associated with ransomware and identify gaps for increasing security. This document provides executive management and the board of directors with an overview of the institution’s preparedness towards identifying, protecting, detecting, responding, and recovering from a ransomware attack. It may also assist other third parties (such as auditors, security consultants and regulators) that might review your institution’s security practices.

Nonbank R-SAT

• Updated: Nonbank Ransomware Self-Assessment Tool, Version 2.0
• Press Release: State Financial Regulators Update Nonbank Ransomware Self-Assessment Tool

R-SAT

• Updated: Ransomware Self-Assessment Tool, Version 2.0 
• Report: Ransomware Lessons Learned by Banks That Suffered an Attack
• Webinar Recording - Oct. 24, 2023
• Webinar Slides [PDF]

Additional Resources

• Blog: State Bank Regulators Update Ransomware Self-Assessment Tool for Banks
• Cybersecurity 101 for Bank Executives
• Podcast: