The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more
6/3/2024
/ Artificial Intelligence ,
Continuing Legal Education ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Privacy ,
Disclosure Requirements ,
Enforcement Actions ,
Financial Institutions ,
Financial Services Industry ,
Incident Response Plans ,
New Guidance ,
New Regulations ,
New Rules ,
Notice of Proposed Rulemaking (NOPR) ,
Notification Requirements ,
Regulation S-P ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
State Privacy Laws ,
Third-Party Risk ,
Webinars
The Securities Exchange Commission (SEC) and the U.S. Department of Treasury's Financial Crimes Enforcement Network (FinCEN) issued a proposed rule on May 13, 2024 (Proposed Rule), which could have sweeping effects on the...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
1/29/2024
/ Artificial Intelligence ,
Compliance ,
Consumer Privacy Rights ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Deep Fake ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Incident Response Plans ,
Personal Information ,
Policies and Procedures ,
Popular ,
Ransomware ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
State Privacy Laws ,
Supply Chain
Fraudulent activity in the financial industry is nothing new. The techniques employed by fraudsters have ranged from fake check fraud and credit card fraud to identity theft and financial account takeovers. For years,...more
On May 31, 2023, renowned managed file transfer solution provider Ipswitch, Inc. revealed a zero-day vulnerability in its flagship solution, MOVEit Transfer, that can enable mass data theft from thousands of organizations....more
The Securities and Exchange Commission (SEC) continued its focus on cybersecurity regulations this month by announcing three new proposed rules and re-opening the comment period on an additional proposed rule from last year....more
As organizations in the financial sector continue to migrate IT and business services to the cloud and adopt other cloud offerings, it is important that financial institutions understand the risks associated with each. A U.S....more
The National Credit Union Administration (NCUA) has approved new cyber incident reporting requirements for credit unions. Under the final rule, federally insured credit unions will be required to notify the NCUA of a...more
On multiple fronts, the U.S. Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) continue to increase their focus on cybersecurity. This is understandable as headlines of recent...more
On August 11, 2021, the Federal Financial Institutions Examination Council (FFIEC), the multi-agency authority responsible for issuing uniform principles and standards for supervision of financial institutions, published new...more
Earlier this month, Colorado became the third state to pass comprehensive data privacy legislation. As we have previously analyzed, California originally passed the CCPA and the CPRA, then Virginia passed the VCDPA, and now...more
California is continuing to make news with respect to its privacy laws. California's Attorney General recently announced the approval of new amendments to regulations of the California Consumer Privacy Act (CCPA). The new...more
The New York Department of Financial Services (NYDFS) has become a frequent topic of these alerts. In recent weeks we have covered multiple actions from the regulator, including its first enforcement action, its SolarWinds...more
We've all heard a lot about cybersecurity risks and how cyberattacks have dramatically increased since COVID-19 changed our daily work environments. A recent attack has resulted in the demise of a hedge fund and illustrates...more
Virginia has become the latest state to pass comprehensive privacy legislation as its legislature voted to enact SB 1392, known as the Consumer Data Protection Act (the "Act"). Although many other states have proposed privacy...more
2/24/2021
/ Consumer Privacy Rights ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
State and Local Government ,
Virginia
New York remains extremely active in the cybersecurity and data protection arena. As we have recently discussed, New York is considering a proposed privacy bill that would greatly enhance consumer privacy rights, increase...more
While California understandably has received most of the attention given its recent passage of the California Privacy Rights Act (CPRA), several other states continue to move forward with consideration of their own privacy...more
1/27/2021
/ Consumer Privacy Rights ,
Data Collection ,
Data Management ,
Data Privacy ,
Information Governance ,
New York ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Policy ,
State Privacy Laws
The Office of the Comptroller of the Currency (OCC), the Federal Reserve Board (FRB), and the Federal Deposit Insurance Company (FDIC), have issued a notice of proposed rulemaking (Proposed Rule) that would require a banking...more
1/13/2021
/ Banking Sector ,
Breach Notification Rule ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FDIC ,
Notification Requirements ,
OCC ,
Proposed Rules
The financial services industry faced unprecedented cybersecurity and privacy challenges in 2020. From learning how to operate with a remote workforce, dealing with a complex and evolving regulatory environment, facing an...more
Both the Office of Foreign Assets Control (OFAC) and the Financial Crimes Enforcement Network (FinCEN) of the U.S. Department of Treasury have issued advisories recently regarding regulatory considerations financial...more
While most of us have been understandably focused on the presidential election, the State of California has passed significant new privacy legislation that may have a substantive impact on your business. Specifically,...more
Late last month, the Office of the Comptroller of the Currency (OCC) issued an Interpretive Letter clarifying that national banks and federal savings associations are authorized to provide safekeeping and custody services for...more
Last week, the New York Department of Financial Services (NYDFS) filed its first enforcement action against a title insurance company (the company) alleging multiple violations of its Cybersecurity Regulation. New York's...more
On April 30, 2010, the Federal Financial Institutions Council (FFIEC) issued Guidance on the use of cloud computing services and security risk management principles in the financial services sector. The Guidance reminds...more
The countdown to June 30, 2020 is on – the deadline by which broker-dealers with retail customers must comply with Regulation Best Interest (Reg BI), and broker-dealers and investment advisers must comply with Customer...more