Tag

Financial Institutions

Browsing

Effective Nov. 1, the New York State Department of Financial Services has strengthened cybersecurity requirements for financial services companies. All companies should take account of these amendments, as these NYDFS regulations are increasingly referenced as key benchmarks for cybersecurity compliance programs. New York’s Department of Financial Services finalized significant amendments to the cybersecurity requirements for financial services companies in Part 500 of Title 23 of the Official Compilation of Codes, Rules and Regulations of the…

Effective November 1, 2023, New York State Department of Financial Services (“DFS”) Strengthens Cybersecurity Requirements for Financial Services Companies. All companies should take account of these amendments, as these DFS regulations are increasingly referenced as key benchmarks for cybersecurity compliance programs. New York State’s Department of Financial Services (“DFS”) finalized significant amendments to 23 CRR-NY 500 NY-CRR, “Cybersecurity Requirements for Financial Services Companies” (“Part 500”). This follows two rounds of proposed amendments and public comment…

In Brief On March 15, 2023, the US Securities Exchange Commission (“SEC”) proposed amendments to Regulation S-P (“Reg S-P”). If adopted, the amendments would introduce new data security and governance requirements for broker-dealers, investment companies, and investment advisers registered with the SEC. Background When the SEC first promulgated Regulation S-P in 2000, the goal was to ensure that covered entities establish adequate safeguards to protect customer information. The existing version consists essentially of two cornerstone…

As predicted in our Connect on Tech discussion in March, the U.S. Securities and Exchange Commission (“SEC”) is ramping up its examination and enforcement focus on cybersecurity at financial institutions, including scrutiny on actual implementation and deployment of published procedures in response to discovery of cyber breach incidents. Furthermore, the SEC appears to signal its expectation that multi-factor authentication (“MFA”) for email accounts containing sensitive client and customer information should be in place. Email Account…

Partners Peter Chan and Valerie Mirko join Brian Hengesbaugh to discuss the SEC and cybersecurity, leveraging their own experiences with the agency to give an overview of the past, present and future. Listen to learn about: The evolution of the SEC’s focus on cybersecurity, particularly with regard to financial institutionsAn insider’s take on what may trigger SEC investigationWhat’s in store with the Biden administration and how companies should prepare https://open.spotify.com/episode/5Z4nHbjxtrntljyEBMRRqF?si=J3ucfdTRQF6lArxRf540FA Related Resources: SEC Announces 2021…

The US Department of Treasury issued the final CFIUS/FIRRMA regulations on its foreign investment on 13 January 2020, effective 13 February 2020. While it is far from the only country that has re-examined its stance on foreign direct investment, this move by one of the biggest economies worldwide has made a discussion on the topic timely, if not necessary. In this episode of TMT Talk, Lothar Determann, Anahita Thoms, and Rod Hunter share their views on the policies that…

Digital assets vary. They can be a virtual currency that has no analog in the real world, and exists only on the blockchain used as a substitute for money. For this reason, virtual currencies are generally considered to be secure and offering a high degree of privacy. A recent decision from a US federal court of appeals, however, may cast a different light on this generally held view. USA v. Gratkowski In United States v.…

In a surprising turn of events, the New York State Department of Financial Services (“DFS”) announced on December 28 significant changes to its cybersecurity regulation in response to industry concerns that the agency’s original proposal was too prescriptive, and did not allow enough time for compliance.In September of 2016, DFS had proposed stringent cybersecurity requirements aimed at protecting “Nonpublic Information” within the custody or control of banks, insurers, and other financial institutions (“Covered Entities”) from…

The concept of AI is generally attributed to computer scientist John McCarthy, back in the ’50ies. It is extremely broad and complex, yet it may be summarised (at the risk of oversimplification) as machine intelligence designed to perform a defined set of actions and to learn from experience. AI is nowadays part of our lives, often without us noticing. According to Ray Kurzweil’s fascinating theory “The Singularity is Near”, the time when advanced AI will really…

Part of the Ghosts in the Machine b:INFORM SeriesArtificial Intelligence – Regulatory RiskIn this article forming part of our b:INFORM Ghosts in the Machine Series , we analyse the survey findings relating to regulatory risks arising from the use of Artificial Intelligence (“AI”) in financial markets and institutions. Click here for our article analysing the survey findings relating to legal risks arising from the use of Artificial Intelligence. And you are welcome to visit our Ghosts in…