Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

NYDFS warns financial institutions of February 15 cybersecurity compliance certification deadline

Privacy/Cyber Risk & Data Security State Issues NYDFS Bank Compliance 23 NYCRR Part 500

Privacy, Cyber Risk & Data Security

On January 22, the New York Department of Financial Services (NYDFS) issued a reminder to all NYDFS-regulated banks, insurance companies, and other financial services institutions that the deadline to file cybersecurity certifications of compliance is February 15, 2018. Mandated by NYDFS’ cybersecurity regulation that went into effect March 1, 2017 (see previous InfoBytes coverage here), the certification covers the prior calendar year and must be filed electronically through the DFS cybersecurity portal. NYDFS Superintendent Maria T. Vullo also announced that going forward, cybersecurity will be incorporated into all department examinations, and cybersecurity-related questions will be added to NYDFS’ “first day letters” issued to commence examinations of financial services companies.