Recent developments about the New York State Department of Financial Services
(Not affiliated with NYDFS; just a blog.)
Superintendent Harris has been busy on her way out the door: – In addition to issuing several pieces of guidance in the past few weeks, she announced Consent Orders with 8 insurance firms and brokers resolving an investigation involving attacks on agent and consumer portals that allegedly exposed consumer information. According to the DFS press … Read more
NYDFS issued guidance in the form of a policy statement on obtaining what it terms a “Notice of Satisfaction of Agreements.” · Importantly, a Satisfaction Notice does not serve as the termination of a Consent Order, Written Agreement or MOU: “Notices will not alter, rescind, or seal an Agreement, and they will not cancel any restriction imposed … Read more
According to the Consent Order: • Multistate examination found AML deficiencies including (a) failure to provide for an independent review of the AML Program on a frequency commensurate with services provided; (b) deficiencies identified in processes for investigating and reporting suspicious activity, including the failure to timely file SARs; (c) transaction monitoring data integrity issues; (d) … Read more
Does the Supreme Court’s decision in SEC v. Jarkesy entitle a licensed NYDFS entity to a jury trial in an enforcement action? Maybe. If interested see my latest blog post for the NYU Program on Corporate Compliance and Enforcement.
According to Compliance Week: • “The New York Department of Financial Services (NYDFS), led by Superintendent Adrienne Harris, doesn’t intend to let up on cryptocurrency enforcement, even in the face of pullback from the federal government.” • “Speaking during a fireside chat at Compliance Week’s 20th National Conference in Washington, D.C., Harris described how her office intends to remain … Read more
Enforcement takeaways (according to the Consent Order allegations): • NYDFS appears more inclined recently to act with other regulators under the auspices of the Conference of State Banking Supervisors and Money Transmitter Regulators Association. The action grew out of a multi-state investigation and subsequent Interim Cease and Desist Order filed by the agencies in March 2024. • NYDFS … Read more
NYDFS Superintendent Adrienne A. Harris participated in a fireside chat with the Institute of International Bankers and gave the following updates (summarized): • Impact of Change in Federal Administration: Superintendent Harris said that the change in administration at the CFPB and elsewhere would not alter DFS’ course; that there were gaps in consumer protection even before the … Read more
Superintendent Harris testified before NYS legislature and DFS issued its Regulatory Agenda. Per testimony: Looking Back: • “Since August 2021, DFS has adopted or amended 54 regulations, issued 98 pieces of regulatory guidance, and closed 117 enforcement actions resulting in more than $418 million in penalties.” •“We have addressed more than 157,000 consumer complaints and returned $$645 million to New York State consumers and health care providers, including over … Read more
Enforcement takeaways (according to DFS allegations in the Consent Order with PayPal): • NYDFS found customer data was exposed after PayPal implemented changes to make 1099-K forms available to more of its customers, after teams tasked with implementing these changes failed to follow proper procedures before the changes went live. • Malicious actors leveraged compromised credentials to … Read more
Two new cybersecurity enforcement actions from NYDFS, against GEICO and Travelers Indemnity Co. Enforcement takeaways are (according to DFS allegations): • GEICO experienced three cybersecurity events in a short period of time primarily involving customer interfaces for obtaining quotes and submitting claims and the web portal for GEICO agents, allowing threat actors to obtain driver license … Read more