AL 99-12   
OCC ADVISORY LETTER

Subject: Year 2000 Information Security Precautions
Date:	November 22, 1999


TO: Chief Executive Officers of National Banks, 
Federal Branches, Service Providers, Software Vendors, 
Department and Division Heads, and Examining Personnel 


The Federal Financial Institutions Examination 
Council (FFIEC) has released the attached guidance, 
"Information Security Precautions During the Century 
Rollover Period."  The guidance reminds financial 
institutions of the importance of maintaining an 
effective security program during the century rollover 
period.  Financial institutions may be exposed to 
higher levels of fraudulent and malicious attempts 
to exploit information systems during the next few 
months.  Hackers and developers of malicious software 
may step up their activities at a time when it may 
be difficult, without adequate safeguards, to detect 
or distinguish between a routine software or operations 
problem, a Year 2000-related problem, and fraudulent 
or malicious activity. 

The FFIEC guidance outlines steps financial 
institutions might consider in maintaining an 
effective information security framework.  The guidance 
is also available on the OCC's Web site at www.occ.treas.gov.  
For more information contact Year 2000 Supervision Policy 
at (202) 874-2340 or Bank Technology at (202) 874-5920. 



                                                     
Emory W. Rushton
Senior Deputy Comptroller, Bank Supervision Policy

Attachment