With growing concerns over cyber risks, federal and state regulators have increased efforts to develop new cybersecurity standards. New York became the first state to require banks, insurance companies, and other regulated financial institutions to establish and maintain a cybersecurity program to protect consumers and the industry, with regulations taking effect March 1, 2017. Meanwhile federal banking regulators are considering cyber risk management standards and resilience standards for large financial institutions and their service providers. In addition, the Securities and Exchange Commission has adopted regulations to strengthen the technology infrastructure of the securities markets and the Commodity Futures Trading Commission has adopted related rules on system safeguards.
A new White Paper by J. Preston Carter, J.D., LL.M., Mark S. Nelson, J.D., and John M. Pachkowski, J.D., legal editors at Wolters Kluwer Legal & Regulatory U.S., discusses New York’s new requirements, explores issues under consideration by federal banking agencies, and explains requirements imposed by federal securities and commodities regulators.
For more information about cybersecurity requirements, subscribe to the Banking and Finance Law Daily.