FSB report – Cyber incident reporting – existing approaches and next steps for broader convergence

On 19 October 2021, the Financial Stability Board (FSB) published a report exploring whether greater convergence in the reporting of cyber incidents is achievable in light of increasing financial stability concerns, especially given the digitalisation of financial services and increased use of third party service providers. The FSB found that fragmentation exists across sectors and … Continue Reading

NYDFS settles another cybersecurity enforcement action

By David Kessler (US), Susan Ross (US) and Patrick Burke (US) on June 3, 2021 Posted in cybersecurity, data protection, General, Regulation and compliance, United States

On May 13, 2021, the New York Department of Financial Services (NYDFS) announced a $1.8 million settlement with two related insurance companies, relating to violations of two different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2019. Read a discussion of the May 13 settlement by David Kessler, Susan Ross and Patrick … Continue Reading

New York State imposes a $1.5 million penalty in cybersecurity breach case

By Susan Ross (US) and Kathleen Scott (US) on March 16, 2021 Posted in cybersecurity, data protection, Enforcement, Fintech, General, Regulation and compliance, United States

On March 3, 2021, the New York Department of Financial Services (NYDFS) announced a Consent Order with a NYDFS-licensed Maine-based mortgage banker and loan servicer settling alleged violations of the NYDFS cybersecurity regulations. (In the matter of Residential Mortgage Services, Inc., March 3, 2021). As a result of the regular safety and soundness examination of … Continue Reading