News & Analysis as of

Cyber Incident Reporting Financial Services Industry

Wyrick Robbins Yates & Ponton LLP

Possible… but Practical? HUD’s New 12 Hour Cyber Incident Reporting Requirement for FHA-Approved Mortgagees

On May 23, 2024, the U.S. Department of Housing and Urban Development (“HUD”) issued requirements, effective immediately, for all FHA-approved mortgagees to report certain cyber incidents to HUD within 12 hours of detection....more

ArentFox Schiff

Newly Proposed Rule Expanding Cyber Incident Reporting to Affect Financial Services Companies

ArentFox Schiff on

Recently, the US Department of Homeland Security’s (DHS) Cybersecurity & Infrastructure Security Agency (CISA) issued a notice of proposed rulemaking (NPRM) which, if adopted, would require “covered entities” of critical...more

Alston & Bird

Data Breach Notification Requirements Under the Safeguards Rule Now in Effect

Alston & Bird on

For years, the Gramm-Leach-Bliley Act (GLBA) has required financial institutions to maintain reasonable safeguards for consumer data, but has only had limited breach-reporting requirements. To the extent financial...more

Manatt, Phelps & Phillips, LLP

New SEC Data Breach Rules for Investment Advisers, Broker Dealers and Investment Companies

On May 15, 2024, the U.S. Securities and Exchange Commission (the “SEC”) adopted amendments to Regulation S-P (the “Data Privacy Amendments”), which were published in the Federal Register on June 3, 2024, starting the clock...more

Baker Donelson

[Webinar] New Privacy and Cybersecurity Regulations: What Financial Institutions Need to Know to Stay Compliant - June 13th, 10:00...

Baker Donelson on

The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more

Wiley Rein LLP

CISA’s Proposed Cyber Incident Reporting Requirements Would Hit a Range of Industries and Sectors

Wiley Rein LLP on

The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is publishing a proposed rule (Proposal or NPRM) that will require broad segments of industry to meet onerous and quick...more

Paul Hastings LLP

Revised FTC Safeguards Rule Brings Breach Reporting Obligations to Non-Banking Financial Institutions in May 2024

Paul Hastings LLP on

Federal jurisdiction under the Gramm Leach Bliley Act (“GLBA”) is a patchwork, particularly for banks –the Federal Reserve, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency all...more

Skadden, Arps, Slate, Meagher & Flom LLP

The Informed Board - Winter 2024

The oversight obligations of boards continue to expand. Recent enforcement actions and new laws in areas such as cybersecurity, artificial intelligence and supply chains create new challenges for boards, as we explain in this...more

Dunlap Bennett & Ludwig PLLC

The FTC’s Expanded Cybersecurity Requirements Affecting Non-Banking Small Businesses

The expansion of the FTC’s Safeguards Rule will require businesses to notify customers and the FTC of cyber breaches that had previously been excluded from reporting requirements. Previously, only banks had been required to...more

Troutman Pepper

SEC’s New Cyber Rules for Publicly Traded Companies — The Consumer Finance Podcast

Troutman Pepper on

In this episode of The Consumer Finance Podcast, Chris Willis is joined by Kim Phan, a partner in our firm’s Privacy + Cyber practice, to discuss the Securities and Exchange Commission’s new cyber risk management and incident...more

McGlinchey Stafford

New York Cybersecurity Regulation Amended and Expanded

McGlinchey Stafford on

On November 1, 2023, the New York Department of Financial Services (NYDFS) adopted amendments to its Cybersecurity Regulation, 23 NYCRR Part 500 (Cybersecurity Regulation). This is the second amendment (Amendment) to its...more

Wyrick Robbins Yates & Ponton LLP

Empire State of Security: New York DFS Finalizes Significant Amendment to Financial Services Cybersecurity Regulation

The New York State Department of Financial Services (“NYDFS”), which regulates financial services institutions including banks, insurance companies, and mortgage brokers, finalized an amendment to its Cybersecurity Regulation...more

Davis Wright Tremaine LLP

Broker Dealer Regulatory Digest - October 2023

Editor's Note - The following newsletter provides a roundup summarizing enforcement actions, guidance, rulemakings, and other public statements taken by a federal and/or state financial services regulatory agency,...more

Alston & Bird

What You Should Know About the EU Digital Operational Resilience Act

Alston & Bird on

The European Union’s (EU) new Digital Operational Resilience Act (DORA) will go into effect in January 2025. Our Privacy, Cyber & Data Strategy Team digs into DORA and discusses how the new law may impact businesses inside...more

Polsinelli

FTC Adopts Data Breach Notification Obligations for Non-Banking Financial Institutions

Polsinelli on

On October 27, 2023, the Federal Trade Commission (“FTC”) adopted an amendment to the FTC’s Safeguards Rule that will require non-banking financial institutions to notify the FTC within thirty days of discovering a data...more

Katten Muchin Rosenman LLP

New FTC Rule Requires Certain Financial Institutions to Report Loss of Unencrypted Customer Data

On October 27, the Federal Trade Commission (FTC or Commission) published a final rule expanding data breach notification requirements for certain financial institutions (Final Rule). Federal Register, will require entities...more

Paul Hastings LLP

FTC Approves New Incident Reporting Requirements for Safeguards Rule

Paul Hastings LLP on

The Federal Trade Commission (the “FTC”) approved last week an amendment to its Safeguards Rule that will institute new data breach notification requirements for non-bank financial institutions....more

Husch Blackwell LLP

Federal Trade Commission Amends GLBA’s Safeguards Rule

Husch Blackwell LLP on

Key Point: The Federal Trade Commission (FTC) has amended the Safeguards Rule to require non-banking financial institutions to inform the FTC within 30 days of discovering any unauthorized acquisition of unencrypted customer...more

Goodwin

A Closer Look at the SEC’s Cybersecurity Rules for Covered Entities and Market Entities

Goodwin on

The SEC is continuing its campaign to overhaul cybersecurity, cyber incident reporting, and privacy controls and requirements for financial services industry registrants, their service providers, and corporate America...more

Nutter McClennen & Fish LLP

Nutter Bank Report: July 2023

The Federal Reserve has announced that its FedNowSM Service, a new interbank settlement service with clearing functionality to support instant payments, went live on July 20 with 35 early-adopting banks and credit unions. The...more

Morrison & Foerster LLP

The SEC Expands Focus on Cybersecurity Risk to Include Registered Advisers, Broker‑Dealers, and other Market Participants

Last month, the SEC took a big step toward strengthening the cybersecurity of financial systems by proposing regulations that, taken together, will require registered investments advisers, broker‑dealers, and all national...more

Sheppard Mullin Richter & Hampton LLP

72 hours: The NCUA’s New Cyber Incident Reporting Requirement

Three days. Starting September 1, 2023, that is all federally insured credit unions will have to report cyber incidents. The rule, approved on February 16, 2023, broadly defines cyber incident to include any incident that...more

Fenwick & West LLP

What Companies Need to Know About the New National Cybersecurity Strategy

Fenwick & West LLP on

The White House announced last Thursday its highly anticipated National Cybersecurity Strategy (NCS). Although largely aspirational and short on concrete plans, the 39-page NCS is the Biden administration’s most ambitious...more

Nelson Mullins Riley & Scarborough LLP

NCUA Announces New Cyber Threat Reporting Requirement

The NCUA stated the new rule, which was approved on Feb. 16, 2023, aims to mitigate cyber incidents “that [lead] to a substantial loss of confidentiality, integrity, or availability of a network or member information system...more

Baker Donelson

NCUA Approves New Cyber Incident Reporting Requirements: What Credit Unions Need to Know

Baker Donelson on

The National Credit Union Administration (NCUA) has approved new cyber incident reporting requirements for credit unions. Under the final rule, federally insured credit unions will be required to notify the NCUA of a...more

47 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide