FFIEC Joint Statement on Risk Management for Cloud Computing Services

Financial Institution Letter

April 30, 2020

FFIEC Joint Statement on Risk Management for 
Cloud Computing Services


The FDIC, as a member of the Federal Financial Institutions Examination Council (FFIEC), is issuing the attached statement addressing the use of cloud computing services and security risk management principles in the financial services sector.

Statement of Applicability to Institutions under $1 Billion in Total Assets:

This Financial Institution Letter (FIL) applies to all FDIC-Supervised Financial Institutions.


FDIC-supervised financial institutions and their service providers


Read the FIL


The FDIC does not send unsolicited e-mail. If this publication has reached you in error, or if you no longer wish to receive this service, please unsubscribe