Frequently Asked Questions



Who is eligible to join Sheltered Harbor?

Participation is open to U.S. financial institutions of all sizes including banks, credit unions, brokerages, asset managers, industry associations, and service providers.

Sheltered Harbor’s vision is to expand to other asset classes and geographies over time.

Are financial institutions required to join Sheltered Harbor?

Sheltered Harbor is a not-for-profit, industry-led initiative. Participation is voluntary. We can best protect our customers, ourselves, and the entire U.S. financial system when every financial institution joins

Regulators support the initiative. Please see the FFIEC Cybersecurity Resource Guide for more information.

 

How do I get the Sheltered Harbor Specification?

The Specification, as well as many resources to help with implementation, is available only to participants.

Join today.

How much does it cost?

Participation fees to join Sheltered Harbor are minimal. Implementation costs vary by size and complexity of institution as well as infrastructure, operations and skills base.

Click here for annual participation fees.

How hard is it to implement Sheltered Harbor?

While effort required varies according to size and complexity as well as pre-existing infrastructure, operations, and skills base, Sheltered Harbor is not especially difficult to implement. Smaller institutions have declared their first Sheltered Harbor milestone in as little as three months, while it takes longer for large, complex institutions.

The key factors are prioritization by top leadership and building a cross-functional team to manage the process. Your team should include operations, technology, information security, risk management, audit and compliance, and other relevant departments.

We’ve developed many resources to help you get Sheltered Harbor Certified as quickly as possible, which you can access as soon as you join:

  • Guides for every step of the process
  • Forums for support and collaboration
  • Training through webinars and live events
  • Reference Architectures to see how others have implemented
  • Technology Solutions such as encryption software (additional fees may apply)
  • Alliance Partners to help build the right plan for your institution

How can I get help implementing Sheltered Harbor?

In addition to the resources available to all participants on our content portal, we have entered into alliance partnerships with advisory and assurance firms to help you plan and implement the standard.

We are also currently developing a solution provider program to help with technology and implementation tools. We will update as they come online.

If I use a Service Provider for core processing, do I still need to join Sheltered Harbor?

Yes.  If you use a Service Provider for core processing and elect to use their Data Vaulting Solution, you still need to join Sheltered Harbor to receive the services. You also need to develop your own Sheltered Harbor Resiliency Plan in order to achieve Sheltered Harbor Certification.

The following providers are currently developing Sheltered Harbor Vaulting Solutions: 

If you do not see your provider, please contact them directly. They may have joined Sheltered Harbor, but not yet made public announcements. If they haven't joined Sheltered Harbor yet, either ask them to do so or send us a note with their contact information and we will reach out to them about joining the initiative.

 

How do I contact someone for more details about Sheltered Harbor?

Check out our Fact Sheet for answers to many questions.

Don't hesitate to get in touch for more information.

Email us at info@shelteredharbor.org

Phone: +1 (347) 797-1230

Mailing address:  12020 Sunrise Valley Drive, Suite 230, Reston, VA 20191

 


Join as a Bank or Credit Union

For banks and credit unions, Participant fees are determined based on both Participant's total US banking assets and Participant’s total US deposit accounts to more accurately reflect bank size. Below describes current fees applying at each level of Participant’s assets and accounts.

Annual Fee Assessment Schedule for Banks and Credit Unions

 Assets

 Accounts 

 Fee 

Join Sheltered Harbor
Onlne
Download 
 <$100MM  and   <10K  $250       007 monitor 1       OR        Download $250 Agreement
 <$1B  and    <500K  $500        007 monitor 1       OR       Download $500 Agreement
 >500K  $2,500       007 monitor 1       OR       Download $2500 Agreement
 $1B - $50B    and   <500K  $2,500       007 monitor 1       OR       Download $2500 Agreement
 >500K  $10,000       007 monitor 1       OR       Download $2500 Agreement
 >$50B  and  <1M  $10,000       007 monitor 1       OR       Download $2500 Agreement
 >1M  $25,000       007 monitor 1    OR       Download 25000 Agreement

If your operations include brokerage and/or asset management accounts, please check those fee schedules as well, because you will pay a single fee based on the larger of the banking or brokerage or asset management fee calculation.

Join as Brokerage

For securities firms, Participant fees are determined based on both client assets* and the number of clearing clients. The schedule below describes current fees applying at each level of Participant’s assets and accounts.

Annual Fee Assessment Schedule for Securities Firms

 Client
 Assets*

 Clearing
 Clients

 Fee 

Join Sheltered Harbor
 Online
Download 

 <$100MM

 and 

 <1 (self clearer)      

 $2,500

     007 monitor 1    

 OR 

      Download $2500 Agreement

 <$10B

 and  

 <50

 $5000 

     007 monitor 1    

 OR

      Download $5000 Agreement

 50 - 100

 $10,000 

     007 monitor 1    

 OR

      Download 10000 Agreement

 $10B - $200B  

 and 

 <20

 $10,000 

     007 monitor 1    

 OR

      Download 10000 Agreement

 >20

 $25,000 

     007 monitor 1    

 OR

      Download 25000 Agreement
 >$200B   or   >100  $25,000       007 monitor 1      OR       Download 25000 Agreement

* Including discretionary and non-discretionary assets

If your operations include banking and/or asset management accounts, please check those fee schedules as well, because you will pay a single fee based on the larger of the banking or brokerage or asset management fee calculation.

Join as an Asset Manager

Participant fees or asset managers, transfer agents and recordkeepers are determined based on AUM or plan assets.  The schedule below describes current fees applying at each level of Participant's AUM or plan assets.

Annual Fee Schedule for Asset Managers, Transfer Agents, and Recordkeepers

 AUM or Plan Assets

 Fee 

Join Sheltered Harbor
 Online
Download 
 <$20B  $2,500       007 monitor 1      OR        Download 2500 Agreement
 $20B - $50B  $5,000       007 monitor 1      OR       Download 5000 Agreement
 $50B - $200B  $15,000        007 monitor 1      OR       Download 15000 Agreement
 > $200B  $25,000        007 monitor 1      OR       Download 25000 Agreement

If your operations include banking and/or brokerage accounts, please check those fee schedules as well, because you will pay a single fee based on the larger of the banking or brokerage or asset management fee calculation.

Welcome to Sheltered Harbor
Working Groups

Sheltered Harbor standards, best practices, and other materials are developed by collaborative working groups, composed of subject matter experts, mainly from Sheltered Harbor participant institutions and partners.

The working groups are highly active, meet often, and produce concrete deliverables. Therefore, joining is a real commitment. In return, members get to shape the development of the standard, build their own skills and expertise in various aspects of cyber resilience, and grow their professional networks through substantive work with peers around the country.

Current Working Groups:

  • Banking
  • Brokerage
  • GSIB
  • Technology
  • Adherence
  • Communications
  • Playbook and Logistics

If you are a participant interested in joining a working group, please contact Sheltered Harbor at This email address is being protected from spambots. You need JavaScript enabled to view it..

Alliance Partners

Sheltered Harbor has engaged several advisory and/or assurance firms as Alliance Partners to help participants with implementation.

We will continue to expand relationships with assurance and advisory firms in an effort to support the market with a broad menu of options, so keep checking for updates. 

Deloitte Advisory    
John Gelline Managing Director, Cyber Risk Services 571-271-6078 This email address is being protected from spambots. You need JavaScript enabled to view it.
EY Advisory    
Carl Liebel Executive Director, Financial Services Advisory 917-969-1802   This email address is being protected from spambots. You need JavaScript enabled to view it.
KPMG Advisory    
Vivek Mehta Partner, Emerging Technology Risk 646-239-6088   This email address is being protected from spambots. You need JavaScript enabled to view it.
Promontory Advisory    
Seth Kulakow  Director, Cyber Solutions Practice 303-947-7096   This email address is being protected from spambots. You need JavaScript enabled to view it.
PwC Advisory    
Ertem Osmanoglu Principal, Cybersecurity and Privacy 646-331-1595   This email address is being protected from spambots. You need JavaScript enabled to view it.
RSM Advisory & Assurance      
Hussain T. Hasan National Leader, Risk Advisory Services - Technology Risk Consulting 312-634-3700 This email address is being protected from spambots. You need JavaScript enabled to view it.

We're happy to hear from you.
Tell Us About Yourself.