Comparison Overview

Bank of America Merrill Lynch

VS

Merrill Lynch

Bank of America Merrill Lynch

100 North Tryon Street, Charlotte, 28255, US
Last Update: 2026-04-01
View Profile
Between 750 and 799
http://www.bofaml.com

From local communities to global markets, we are dedicated to shaping the future responsibly and helping clients thrive in a changing world. “Bank of America Merrill Lynch” is the marketing name for the global banking and global markets businesses of Bank of America Corporation. Bank of America is a marketing name for the Retirement Services business of Bank of America Corporation. Lending, derivatives, and other commercial banking activities are performed globally by banking affiliates of Bank of America Corporation, including Bank of America, N.A., Member FDIC. Securities, strategic advisory, and other investment banking activities are performed globally by investment banking affiliates of Bank of America Corporation (“Investment Banking Affiliates”), including, in the United States, BofA Securities, Inc., Merrill Lynch, Pierce, Fenner & Smith Incorporated, and Merrill Lynch Professional Clearing Corp., all of which are registered broker-dealers and Members of SIPC, and in other jurisdictions, by locally registered entities. BofA Securities, Inc., Merrill Lynch, Pierce, Fenner & Smith Incorporated and Merrill Lynch Professional Clearing Corp. are registered as futures commission merchants with the CFTC and are members of the NFA.   Investment products: Are Not FDIC Insured May Lose Value Are Not Bank Guaranteed Any opinions, views, statements, estimates or projections (“posts”) posted on this web page are solely those of the individual author(s). As such, posts by an employee of BofAML or any of its affiliates are solely those of such employee or agent and do not necessarily reflect the views of BofAML. BofAML is not responsible for the content, or output of external websites. For Terms and Conditions and Disclaimers, please visit go.bofaml.com/social. Bank of America LinkedIn Community Guidelines can be found at: http://about.bankofamerica.com/en-us/social-media/linkedin-community-guidelines.html

NAICS: 52
NAICS Definition: Finance and Insurance
Employees: 16,629
Subsidiaries: 4
12-month incidents
0
Known data breaches
3
Attack type number
3
View Profile

Merrill Lynch

2 World Financial Center, New York, 10281, US
Last Update: 2026-03-27
Between 800 and 849
http://www.ml.com

Founded in 1914, Merrill is one of the largest wealth management businesses in the world. Merrill financial advisors combine financial knowledge and experience with a deep understanding of their clients’ needs to help their clients pursue the lives they want. With a deep commitment to placing their clients' interests first, Merrill financial advisors draw upon the investment insights of Merrill and the banking insights of Bank of America to unlock opportunities tailored to their clients’ needs in many areas of their financial lives. The strategies our financial advisors offer go beyond investment management to include college savings strategies, retirement planning, eldercare, philanthropy, estate planning services, small business services, and access to cash management & banking strategies. Any opinions, views, statements, estimates or projections ("posts") posted on this web page are solely those of the author(s). Merrill Lynch Global Wealth Management is part of Bank of America Corporation's Global Wealth & Investment Management business. Additional Terms, Conditions & Disclaimers found here: https://www.ml.com/social-media/merrill-lynch-on-twitter.html Disclaimer The site is maintained by a third party that has no affiliation with Merrill Lynch, Pierce, Fenner & Smith Incorporated ("MLPF&S" or "Merrill"). The recommendations posted to this page by or about Merrill employees, are not endorsed by, and may not represent the views. This material is not intended to constitute a recommendation, offer or solicitation for the purchase or sale of any security financial instrument. or strategy. Always consult with your independent attorney, tax advisor, investment managers, and insurance agent for final recommendations and before changing or implementing any financial, tax, or estate planning strategy. Bank of America Linkedin Community Guidelines: http://about.bankofamerica.com/en-us/social-media/linkedin-community­guidelines.html

NAICS: 52
NAICS Definition: Finance and Insurance
Employees: 34,603
Subsidiaries: 1
12-month incidents
0
Known data breaches
3
Attack type number
3

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/bank-of-america-merrill-lynch.jpeg
Bank of America Merrill Lynch
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/merrilllynch.jpeg
Merrill Lynch
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Bank of America Merrill Lynch
100%
Compliance Rate
0/4 Standards Verified
Merrill Lynch
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for Bank of America Merrill Lynch in 2026.

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for Merrill Lynch in 2026.

Incident History — Bank of America Merrill Lynch (X = Date, Y = Severity)

Bank of America Merrill Lynch cyber incidents detection timeline including parent company and subsidiaries

Incident History — Merrill Lynch (X = Date, Y = Severity)

Merrill Lynch cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/bank-of-america-merrill-lynch.jpeg
Bank of America Merrill Lynch
Incidents

Date Detected: 12/2025
Type:Cyber Attack
Attack Vector: Malicious script injection (client-side)
Motivation: Credential theft for potential lateral movement into banking infrastructure
Blog: Blog

Date Detected: 2/2025
Type:Breach
Attack Vector: Inadvertent Disclosure
Blog: Blog

Date Detected: 10/2024
Type:Breach
Blog: Blog
https://images.rankiteo.com/companyimages/merrilllynch.jpeg
Merrill Lynch
Incidents

Date Detected: 12/2025
Type:Cyber Attack
Attack Vector: Malicious script injection (client-side)
Motivation: Credential theft for potential lateral movement into banking infrastructure
Blog: Blog

Date Detected: 2/2025
Type:Breach
Attack Vector: Inadvertent Disclosure
Blog: Blog

Date Detected: 10/2024
Type:Breach
Blog: Blog

FAQ

Merrill Lynch company demonstrates a stronger AI Cybersecurity Score compared to Bank of America Merrill Lynch company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Bank of America Merrill Lynch and Merrill Lynch have experienced a similar number of publicly disclosed cyber incidents.

In the current year, Merrill Lynch company and Bank of America Merrill Lynch company have not reported any cyber incidents.

Neither Merrill Lynch company nor Bank of America Merrill Lynch company has reported experiencing a ransomware attack publicly.

Both Merrill Lynch company and Bank of America Merrill Lynch company have disclosed experiencing at least one data breach.

Both Merrill Lynch company and Bank of America Merrill Lynch company have reported experiencing targeted cyberattacks.

Neither Bank of America Merrill Lynch company nor Merrill Lynch company has reported experiencing or disclosing vulnerabilities publicly.

Neither Bank of America Merrill Lynch nor Merrill Lynch holds any compliance certifications.

Neither company holds any compliance certifications.

Bank of America Merrill Lynch company has more subsidiaries worldwide compared to Merrill Lynch company.

Merrill Lynch company employs more people globally than Bank of America Merrill Lynch company, reflecting its scale as a Financial Services.

Neither Bank of America Merrill Lynch nor Merrill Lynch holds SOC 2 Type 1 certification.

Neither Bank of America Merrill Lynch nor Merrill Lynch holds SOC 2 Type 2 certification.

Neither Bank of America Merrill Lynch nor Merrill Lynch holds ISO 27001 certification.

Neither Bank of America Merrill Lynch nor Merrill Lynch holds PCI DSS certification.

Neither Bank of America Merrill Lynch nor Merrill Lynch holds HIPAA certification.

Neither Bank of America Merrill Lynch nor Merrill Lynch holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References