Page last updated on July 16, 2024
Ponce Financial Group, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-19 15:59:53 EDT.
Filings
10-K filed on 2024-03-19
Ponce Financial Group, Inc. filed a 10-K at 2024-03-19 15:59:53 EDT
Accession Number: 0000950170-24-033436
Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!
Item 1C. Cybersecurity.
Item 1C. Cybersecurity. The Company’s cybersecurity program is integrated within its overall risk management function. The Company engages third parties, including an outsourced cybersecurity team and additional vendors that conduct cybersecurity testing. All critical vendors of the Company, including its cybersecurity vendors, are subject to the requirements of its vendor management policy and processes. The Company is a regulated entity and undergoes regulatory reviews to ensure the Bank remains in compliance with all appropriate standards, including related to its management of third-party vendors. Internally, the cybersecurity program is managed by the Company’s Senior Vice President, Chief Information Security Officer and Chief Information Officer. She has held senior management positions in information technology, management information systems and information security for over 30 years. She reports regularly to the risk and audit committees of the Board of Directors about the prevention, detection, mitigation, and remediation of cybersecurity incidents. Additionally, the full board annually assesses all critical risks of the Company, including cybersecurity risks, and also receives periodic updates relating to key cybersecurity issues as part of their oversight. The Company’s Senior Vice President and Chief Information Systems Officer also regularly reports to the Company’s executive risk management (“ERM”) committee, which oversees Company-wide risk at the management level, regarding cybersecurity risks. Members of the ERM committee include our President and Chief Executive Officer. While to date, we have not had a major cyber incident, nor experienced significant data loss or any material financial losses related to cybersecurity attacks, it is possible that we could experience a significant event in the future. Risks and exposures related to cybersecurity attacks are expected to remain high for the foreseeable future due to the rapidly evolving nature and sophistication of these threats. See Item 1A. “Risk Factors.” - “We face significant operational risks because the financial services business involves a high volume of transactions and increased reliance on technology, including risk of loss related to cyber security breaches." for further discussion of potential risks related to cybersecurity incidents. 45
Company Information
Name | Ponce Financial Group, Inc. |
CIK | 0001874071 |
SIC Description | Savings Institution, Federally Chartered |
Ticker | PDLB - Nasdaq |
Website | |
Category | Non-accelerated filer Smaller reporting company |
Fiscal Year End | December 30 |