Recent developments about the New York State Department of Financial Services
(Not affiliated with NYDFS; just a blog.)
Matthew L. Levine My latest post on the blog for the NYU Program on Corporate Compliance and Enforcement deals with enforcement aspects of the recent amendments to the NYDFS Cybersecurity Regulation, Part 500. These recent amendments to the Cybersecurity Regulation (Part 500) of the New York State Department of Financial Services (NYDFS) are quite expansive in scope.[1] Chief Compliance … Read more
Enforcement takeaways from the Consent Order (per DFS allegations): • After doing a lookback, Payoneer discovered it had engaged in approximately $793,000 worth of transactions with persons or entities in sanctioned countries during the period Iran, Sudan, Syria and individuals on the SDN List between 2013 and 2018 • Payoneer self-disclosed these violations to OFAC, which settled … Read more
In conjunction with its proposed guidance, DFS has significantly trimmed “Greenlisted” coins. It has cut the list to Bitcoin, Ethereum, and several stablecoins. Until recently it had Greenlisted approximately two dozen coins. These changes are part of the Department’s initiative seeking to strengthen DFS oversight of virtual currencies, which include new guidance coin listing and … Read more
According to the DFS allegations in the Four Consent Orders (found here): • Following a market conduct investigation in 2018, DFS has continued to penalize insurance companies for failing to timely report certain insured vehicle information to the NY DMV • DFS fined Allstate Insurance group $796,000; Farmers Insurance Group $764,000; Tokio Marine Insurance Group $720,000; and … Read more
According to the strategy released by New York governor Kathy Hochul: “Financial Sector[:] In 2017, the New York State Department of Financial Services (DFS) became the first banking or insurance regulator in the nation to establish a cybersecurity division to protect consumers and industries from cyber threats. DFS also created first-in-the-nation requirements for DFS-regulated banks, … Read more
Harriet Pearson has been appointed Executive Deputy Superintendent for Cybersecurity by Superintendent Adrienne A. Harris, following the departure of Justin Herring. Announcement here.
NYDFS entered into a Consent Order for alleged cybersecurity violations against wealth management firm SA Stone, which sells insurance products to customers. According to DFS allegations: • SA Stone is an independent broker/dealer focusing on wealth management, holding licenses to sell insurance to its customers in New York. • SA Stone experienced several reportable cybersecurity breaches arising … Read more
NYDFS has published in the State Register its revised proposed second amendment to Part 500, the Cybersecurity Regulation. Some changes have been made based on comments received on the prior draft. It is a dense document, as is the Assessment of Comments. More to come.
According to the Consent Order’s allegations, and takeaways: • NYS DMV’s Insurance Information & Enforcement System (“IIES”) enables law enforcement to know whether vehicles on the road lack insurance. • As a public safety matter, injured motorists rely on the benefit of statutorily-required auto insurance. • Insured vehicle information provided by insurers to DMV is used to identify, … Read more
The New York State Senate passed legislation that will enhance NYDFS enforcement powers against unlicensed activity in the State. Takeaways: • While there has been some argument over the powers of NYDFS to go after unlicensed financial services activity in the state, new legislation passed by the Senate and pending in the Assembly clarifies that it … Read more