On Nov. 9, 2022, the New York Department of Financial Services (NYDFS) issued a proposed second amendment to its 2017 cybersecurity regulation for financial service companies.[1] In July 2022, NYDFS issued a draft version of the changes, but the current amendment has significant changes. Most of the proposed changes will take effect 180 days
Financial institutions
FTC Delays Compliance Date of the Safeguards Rule
Go-To Guide:
- The Safeguards Rule compliance deadline is delayed by six months
- Eight subsections of the Safeguards Rule are affected by the delay
- The new effective date for compliance is June 9, 2023
- The FTC cited implementation challenges for small business as the reason for the delay.
On Nov. 15, 2022, the Federal Trade Commission…
5 Key Trends for Cybersecurity Awareness Month
October is Cybersecurity Awareness Month! In this GT Bulletin, Shareholders Jena Valdetero and Kevin Scott highlight five key trends that should be top-of-mind for businesses and organizations to protect their data systems and remain in compliance with the various rules to which they are subject. Click here to watch the full GT Bulletin.
Sept. 20 EVENT | Money Transmitter Regulators Association 2022 Annual Conference
GT Shareholder Timothy A. Butler will deliver a “Regulatory Roundup” during a meeting for industry members at the Money Transmitter Regulators Association (MTRA) 2022 Annual Conference in Fort Worth, Texas. The presentation, beginning Sept. 20 at 1:15 p.m., will address how money services businesses (MSBs) can comply with the ever-changing set of data privacy…
CFPB Warns Insufficient Data Security Measures May Violate Consumer Financial Protection Act
On Aug. 11, 2022, the U.S. Consumer Financial Protection Bureau issued guidance indicating that financial institutions and service providers that fail to adopt sufficient data security measures to protect consumer financial data may violate the Consumer Financial Protection Act provision prohibiting unfair acts and practices.
Feb. 2 Event | What to Expect in 2022: Financial Services Litigation
Join us as we discuss significant financial services cases and trends from 2021 and risks and issues for companies to watch for in 2022, including movements in mass arbitrations and class actions. We will also share thoughts on how to narrow or eliminate these risks going forward.
Wednesday, Feb. 2, 2022
12-1 p.m. EST
REGISTER
…
Federal Banking Regulators Issue 36-Hour Cybersecurity Breach Notification Requirement
Beginning in April 2022, banking organizations and bank service providers will be subject to the shortest regulatory breach notification reporting time frame of any law to date – 36 hours.
With Updated Safeguards Rule, FTC Signals New Wave of Cybersecurity Enforcement for Financial Institutions
On Oct. 27, 2021, the Federal Trade Commission (FTC) amended its Standards for Safeguarding Customer Information (the “Safeguards Rule”), promulgated under the Gramm-Leach-Bliley Act (GLBA).
This GT Alert covers the following: |
|
…
Financial institution confusion: Are financial institutions fully exempt from the CCPA, CPRA, VCDPA, and CPA?
The Gramm–Leach–Bliley Act (GLBA) and its implementing regulations impose privacy requirements when financial institutions collect “nonpublic personal information about individuals who obtain financial products or services primarily for personal, family, or household purposes.”[1] GLBA does not apply, however, when a financial institution collects information about individuals “who obtain financial products or services for business,…