Recent developments about the New York State Department of Financial Services
(Not affiliated with NYDFS; just a blog.)
NYDFS entered into a Consent Order for alleged cybersecurity violations against wealth management firm SA Stone, which sells insurance products to customers. According to DFS allegations: • SA Stone is an independent broker/dealer focusing on wealth management, holding licenses to sell insurance to its customers in New York. • SA Stone experienced several reportable cybersecurity breaches arising … Read more
According to the Consent Order’s allegations, and takeaways: • NYS DMV’s Insurance Information & Enforcement System (“IIES”) enables law enforcement to know whether vehicles on the road lack insurance. • As a public safety matter, injured motorists rely on the benefit of statutorily-required auto insurance. • Insured vehicle information provided by insurers to DMV is used to identify, … Read more
The New York State Senate passed legislation that will enhance NYDFS enforcement powers against unlicensed activity in the State. Takeaways: • While there has been some argument over the powers of NYDFS to go after unlicensed financial services activity in the state, new legislation passed by the Senate and pending in the Assembly clarifies that it … Read more
NYDFS continues to roll out enforcement actions for cybersecurity lapses. The latest is with lender OneMain. According to NYDFS allegations in its Consent Order: • This is the second cybersecurity enforcement action to arise from a routine examination, instead of a Cybersecurity Event. • Meaning, as noted before, these enforcement actions are now routine. • Third Party Risk … Read more
The New York Attorney General entered into a settlement with BitCoin seller and NYDFS licensee Coin Cafe over allegations of failure to register with the NYAG’s Investor Protection Bureau and charging excessive fees. According to NYAG allegations in its Assurance of Discontinuance: • Coin Café — apparently only a seller of only Bitcoin – nonetheless failed … Read more
NYDFS settled with several insurers that offer student health plans, alleging a number of violations. According to the DFS allegations across the four consent orders: • DFS found that four insurers – 4 Ever Life Insurance Co., Aetna Life Insurance Co., United Healthcare Insurance Co., and Wellfleet NY Insurance Co. — charged unapproved premium rates to … Read more
NYDFS issued an enforcement action against bitFlyer USA, Inc., a cryptocurrency exchange, obtaining a $1.2 million penalty. Takeaways from DFS allegations: • No specific cyber event was involved – enforcement was based on violations identified over two examination cycles • This suggests cybersecurity is now well integrated into the DFS examination process • Core violations included the lack … Read more
NYDFS penalized payment platform Bitpay for alleged violations of its regulations governing BSA/AML requirements and cybersecurity obligations. Here are some hot takes from DFS’ allegations set forth in its Consent Order: • Bitpay provides a payment platform for merchants wanting to receive Bitcoin payments; • Bitpay conducted only one cybersecurity risk assessment over a 4-year period; • Bitpay … Read more
According to a new policy memo to be adopted in the U.S. Justice Manual, “[c]onsistent with the Criminal Division’s approach for the past several years, as well as recent Department-wide guidance, any submission or selection of a monitor candidate by either the Company or the Criminal Division should be made in keeping with the Department’s … Read more
In submitting its Objection to the Third Amended Plan of Reorganization of bankrupt crypto firm Voyager, DFS argues that New York account holders of Voyager are disadvantaged in the plan and should be able to obtain their holdings much sooner, and not after acquisition of them by Binance, because “there is no reasonable basis for … Read more