[Congressional Bills 116th Congress]
[From the U.S. Government Publishing Office]
[H.R. 4458 Introduced in House (IH)]

<DOC>






116th CONGRESS
  1st Session
                                H. R. 4458

  To require the Board of Governors of the Federal Reserve System to 
  issue reports on cybersecurity with respect to the functions of the 
            Federal Reserve System, and for other purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                           September 24, 2019

 Mr. McHenry introduced the following bill; which was referred to the 
                    Committee on Financial Services

_______________________________________________________________________

                                 A BILL


 
  To require the Board of Governors of the Federal Reserve System to 
  issue reports on cybersecurity with respect to the functions of the 
            Federal Reserve System, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Cybersecurity and Financial System 
Resilience Act of 2019''.

SEC. 2. CYBERSECURITY REPORT.

    (a) In General.--Not later than the end of the 180-day period 
beginning on the date of enactment of this Act, and annually 
thereafter, the Board of Governors of the Federal Reserve System shall 
submit a report to the Committee on Financial Services of the House of 
Representatives and the Committee on Banking, Housing, and Urban 
Affairs of the Senate that provides a detailed explanation on measures 
taken by the Board of Governors and the Federal reserve banks to 
strengthen cybersecurity with respect to the functions of the Federal 
Reserve System, including the supervision and regulation of financial 
institutions. Each such report shall specifically include a detailed 
explanation of--
            (1) policies and procedures that guard against--
                    (A) efforts to deny access to or degrade, disrupt, 
                or destroy any information and communications 
                technology system or network, or exfiltrate information 
                from such a system or network without authorization;
                    (B) destructive malware attacks;
                    (C) denial of service activities; and
                    (D) any other efforts that, in the determination of 
                the Board, may threaten the functions of the Federal 
                Reserve System by undermining cybersecurity; and
            (2) activities to ensure the effective implementation of 
        policies and procedures described under paragraph (1), 
        including--
                    (A) the appointment of qualified staff, the 
                provision of staff training, and the use of 
                accountability measures to support staff performance;
                    (B) deployment of adequate resources and 
                technologies;
                    (C) the development and dissemination of best 
                practices regarding cybersecurity; and
                    (D) as appropriate, efforts to strengthen 
                cybersecurity in coordination with departments and 
                agencies of the Federal Government, foreign central 
                banks, and other partners.
    (b) Form of Report.--The report required under subsection (a) shall 
be submitted in unclassified form, but may include a classified annex, 
if appropriate.
    (c) Congressional Briefing.--The Chairman of the Board of Governors 
of the Federal Reserve System, or a member of the Board of Governors 
(as designated by the Chairman), shall provide a detailed briefing to 
the appropriate Members of Congress on each report submitted pursuant 
to subsection (a).
    (d) Appropriate Members of Congress Defined.--For the purposes of 
this Act, the term ``appropriate Members of Congress'' means the 
following:
            (1) The Chairman and Ranking Member of the Committee on 
        Financial Services of the House of Representatives.
            (2) The Chairman and Ranking Member of the Committee on 
        Banking, Housing, and Urban Affairs of the Senate.
    (e) Sunset.--The provisions of this Act shall have no force or 
effect on or after the date that is 7 years after the date of enactment 
of this Act.
                                 <all>