On May 13, 2021, the New York Department of Financial Services (NYDFS) announced a $1.8 million settlement with two related insurance companies, relating to violations of two different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2019. Read a discussion of the May 13 settlement by David Kessler, Susan Ross and Patrick … Continue Reading
On March 3, 2021, the New York Department of Financial Services (NYDFS) announced a Consent Order with a NYDFS-licensed Maine-based mortgage banker and loan servicer settling alleged violations of the NYDFS cybersecurity regulations. (In the matter of Residential Mortgage Services, Inc., March 3, 2021). As a result of the regular safety and soundness examination of … Continue Reading
On December 18, 2020, the US Department of the Treasury (Office of the Comptroller of the Currency), Federal Reserve Board and Federal Deposit Insurance Corporation (FDIC) jointly announced a 53-page proposed rule that would require banks to notify their regulators within 36 hours of a “computer-security incident” that rises to the level of a “notification … Continue Reading