Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
Will Resiliency Carry the Digital Asset Sector Through 2024: State-Level Developments — The Crypto Exchange Podcast
Climate Risk, the emerging risk
The NYDFS Updates Its Stringent Cybersecurity Regulations. Is This a Bellwether of Coming Industry Change? - The Consumer Finance Podcast
How the New York Department of Financial Services (DFS) Regulates Virtual Currency, a Close Look with Special Guest Kaitlin Asrow, Executive Deputy Superintendent of Research and Innovation, DFS
Compliance Into The Weeds - DFS Fines Carnival Cruise Lines for Cyber Failures
Compliance into the Weeds: DFS First Cyber Case-First American Title
Videocast: Asset management regulation in 2020 videocast series – Regulators step up pressure to implement LIBOR transition plans
Your Cyber Minute: State influences bring a new dawn of cyber regulations
Your Cyber Minute: Compliance with the Proposed NYDFS Cybersecurity Regulation
Your Cyber Minute: Harriet Pearson and Greg Lisa on the Proposed NYDFS Cyber Security Regulation
As part of a multiyear rollout, the New York Department of Financial Services (NYDFS) has established May 1, 2025, and November 1, 2025, as effective dates for certain amendments to its cybersecurity regulations. These...more
Our Privacy, Cyber & Data Strategy Team highlights the increasingly specific cybersecurity controls identified by regulators, explains why these enhanced cybersecurity controls have become the focus of regulators, and shares...more
In November 2023, New York State's Department of Financial Services (NYDFS) amended its cybersecurity regulation, Part 500. This legal alert provides an update for Covered Entities and Class A Businesses on the current NYDFS...more
Digital Asset Companies Announce New Partnerships, Acquisitions, Products - A recent press release announced that Ripple, a U.S. fintech and digital asset infrastructure provider, has agreed to acquire Hidden Road, a prime...more
On March 20, the New York Department of Financial Services (NYDFS) entered into a consent order with a money transmitter, joining a group of state financial regulators acting through a multi-state task force coordinated by...more
On April 3, 2025, the New York State Department of Financial Services (“DFS”) issued reminders about upcoming implementation and reporting deadlines related to its cybersecurity regulations. Upcoming deadlines require...more
In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
Recently, it was reported NYDFS recently appointed Gabriel O’Malley as the head of its Consumer Protection and Financial Enforcement Division (CPFED), effective on March 13, according to a recent social media post. O’Malley...more
Covered entities regulated by the New York State Department of Financial Services (NYDFS) must submit cybersecurity compliance forms by April 15, 2025. New sets of requirements for system monitoring and access privileges,...more
As we recently reported, there have been rollbacks of consumer protections on the federal level, including the curtailing of enforcement activity at the CFPB. ...more
March 17, 2025 - Michelle W. Bowman, currently a governor on the Board of Governors of the Federal Reserve System, was nominated to serve as the vice chair of supervision....more
Businesses that are subject to the NYDFS Cybersecurity Regulations have four weeks left to submit their annual notices of compliance or acknowledge their noncompliance. When the regulations were amended in 2023, several of...more
As the Trump Administration attempts to drastically cut CFPB funding and staffing, New York regulators and legislators are attempting to fill what could be a void in consumer protection efforts....more
On March 11, the Superintendent of NYDFS, Adrienne Harris, reportedly announced her agency’s intention to hire federal financial agency employees affected by recent job cuts under the Trump administration. Harris highlighted...more
Welcome to the “Data Privacy and Cybersecurity” chapter of our annual report, Consumer Financial Services: 2024 Year in Review. Consumer financial services regulators are taking a keen interest in artificial intelligence...more
On February 27, the staff of the Division of Corporation Finance (the “Staff”) of the Securities and Exchange Commission (“SEC” or “Commission”) released a statement concerning meme coins (“Statement”) with the stated...more
Katten's Financial Markets and Funds Quick Take is a monthly newsletter highlighting key noteworthy developments potentially affecting financial markets and funds....more
The Staff stated that most meme coins are not subject to federal securities laws or SEC fraud enforcement; who will oversee meme coins remains an open question. On February 27, 2025, the Securities and Exchange...more
As we previously reported, in 2023 the New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500). As of November 1, 2024, Class A Companies and Covered Entities...more
Financial firms doing business in New York should be mindful of a recent e-blast sent by the state’s financial regulator concerning cybersecurity requirements that become effective in less than two months. The New York...more
On February 27, NYDFS reminded covered entities subject to the Cybersecurity Regulation to submit their annual compliance notifications for the 2024 calendar year. Covered entities must submit the compliance filing by April...more
The New York State Department of Financial Services recently announced that it has entered into a consent order with PayPal, Inc. for violations of the NYDFS Cybersecurity Regulation. The consent order, under which PayPal has...more
Keypoint: New York has amended its data breach notification law twice in the last 60 days to (1) add a 30-day deadline for notifying affected residents, (2) clarify that covered financial entities must still notify the New...more
On February 14, the Governor of New York signed into law SB 804 (the “Act”), which amends the general business law concerning when and how notifications for data breaches are provided to the New York Department of Financial...more