NY regulator urges firms to comply with cybersecurity regulation

Maria Nikolova

The final implementation period for the regulation ends March 1, 2019.

Financial Services Superintendent Maria T. Vullo today reminded all entities regulated by the New York State Department of Financial Services (DFS) that they have to be in full compliance with the cybersecurity regulation by March 1, 2019.

Let’s recall that New York’s cybersecurity regulation became effective March 1, 2017. DFS, however, offered a two-year timeline for implementation of the regulation’s requirements, with a final compliance deadline of March 1, 2019. The final step in the implementation timeline requires regulated entities that use third-party providers to put in place policies and procedures ensuring the security of information systems and nonpublic information accessible to, or held by, such providers.

Superintendent Vullo today also reminded all regulated entities that the second certification of compliance covering the prior calendar year must be filed electronically via the DFS cybersecurity portal not later than February 15, 2019.

Under the cybersecurity rules, all banks, insurance companies, and other financial services institutions and licensees regulated by DFS are now required to have a cybersecurity program in place that is designed to protect consumers’ private data. The cybersecurity program has to perform a number of core cybersecurity functions, such as identification and assessment of cybersecurity risks regarding the Nonpublic Information stored on the Covered Entity’s Information Systems. The program also has to detect cybersecurity events, and respond to such events.

The entities also have to have a written policy or policies that are approved by the board or a senior officer. This policy has to address matters like data governance and classification, risk assessment, and incident response.

The firms affected by the new rules must have a Chief Information Security Officer to help protect data and systems. They also must secure protections of data at third-party providers. Furthermore, they need to have in place controls and plans to help ensure the safety and soundness of New York’s financial services industry.

Finally, covered entities and licensees must also report cybersecurity events to DFS through the Department’s online cybersecurity portal.

Cyber security is high on the agenda of the United States National Futures Association (NFA) too. Early in January this year, NFA clarified the amendments to its Information Systems Security Programs Interpretive Notice. The Association plans a raft of changes, including a requirement for members to inform it about certain cybersecurity-related incidents. Members (other than futures commission merchants for which NFA is not the DSRO) will have notify NFA of cybersecurity incidents related to their commodity interest business that:

  • result in a loss of customer or counterparty funds or loss of a Member firm’s capital; or
  • if a Member notifies its customers or counterparties of an incident pursuant to state or federal law.

Read this next

Inside View

Crypto Liquidity Providers: No Transaction, No Party!

One of the most integral parts of trading cryptocurrencies is ensuring seamless transactions; however, this is not always easy when you first start using cryptocurrency exchanges.

Digital Assets

Niftables launches white label NFT platform for content creators and brands

Niftables is the go-to platform for brands and creators looking to realize their NFT vision — whether they’re an individual or the biggest entertainment company in the world.

Retail FX

ACY Securities sponsors Table Tennis NSW as CFD broker bets in Australia’s youngest

ACY Securities has partnered with Table Tennis New South Wales (TTNSW) for a two-year sponsorship agreement intended to highlight the Chatswood-based multi-asset CFD broker’s brand in Australia, with a focus on the southeastern state.

Executive Moves

Peter Hetherington appointed CEO of Capital.com, Currency.com, and Shares.com

With his extensive experience driving strategy and growth for leading wealth and brokerage firms in highly regulated markets, Peter is the ideal CEO to lead the Group on its next chapter of growth and success.”

Digital Assets

Crypto platform Elwood raises $70m from Goldman Sachs, Dawn, Barclays, BlockFi, Flow, Galaxy, more

Elwood Technologies has closed a $70 million Series A funding round co-led by Europe’s largest B2B investor Dawn Capital and global investment bank, Goldman Sachs.

Industry News

Wilshire to launch Climate Change 1.5℃ Target Index with Nikkei and Hang Seng

Wilshire has announced a collective launch with Nikkei and Hang Seng to bring to market the first in a series of indexes empowering investors to transition their investments towards a low-carbon and climate resilient economy.

Industry News

Anne Boden’s Starling Bank bets big on UEFA Women’s EURO 2022 tournament

Starling Bank has launched a campaign ahead of the UEFA Women’s EURO 2022 tournament as part of its national sponsorship, the biggest ever for the bank.

Industry News

Older adults flock to financial apps as Revolut reports 215% more UK users aged 55-74 since pandemic

Data has also shown that older adults are back to travelling as the 55-64 UK age group has seen a tenfold increase in the amount spent in foreign countries over the past two years, and the 64-75 age group isn’t far behind with an 840% increase.

Industry News

Ripple replies to SEC’s last attempt and “shoves it down their throats pretty hard”

“The SEC really messed that up. How can Hinman receive legal advice from SEC lawyers for a personal opinion?”, attorney Hogan commented.