In April, the Federal Financial Institutions Examination Council (FFIEC) published a joint statement on the potential role of cyber insurance in financial institutions’ risk management programs. It is important to note that the FFIEC pointed out that the statement does not contain any new regulatory expectations and, therefore, there is no requirement to purchase cyber insurance.