Information Security Glossary
Basel II

The Basel Capital Accord (Basel II) is an effort by international banking supervisors to update the original international bank capital accord (Basel I), which has been in effect since 1988. The accords provide large, internationally active banking organizations a uniform approach to risk-management practices.

Basel II applies to global financial services organizations, specifically internationally active banks. In the U.S., agencies responsible for Basel II include the Board of Governors of the Federal Reserve System (FRB), the Office of the Comptroller of the Currency (OCC), the Federal Deposit Insurance Corporation (FDIC), and the Office of Thrift Supervision (OTS), which make up the Federal Financial Institutions Examination Council (FFIEC). In the U.S., the applicable information security framework for meeting Basel II is the “FFIEC Information Security Booklet (2003)”. Requirements from the booklet's security controls implementation section that can be addressed by security technologies include access rights administration, authentication, network access, operating system access, application access, remote access, and logging and data collection.