Changes to NY DFS cybersecurity requirements expected

Authored by: Russell Sommers

According to a Reuters report, the New York Department of Financial Services (NY DFS) will be releasing on Dec. 28, 2016, a revised version of the 23 NYCRR 500 Financial Services Law which outlines cybersecurity requirements of NY DFS supervised financial services companies.

New effective date

NY DFS received over 200 comment letters to the initial draft proposed regulation and industry sentiment was that a revision, phased implementation or delay was imminent. Until yesterday, none had been communicated. While the context of the changes remains unknown, it is known the effective date is changing from Jan. 1, 2017, to Mar. 1, 2017.

Stay tuned

Once the revised version is released, we will summarize changes from the initial draft proposal and how it will impact your organization.

For more information on regulatory compliance, or to learn how Baker Tilly’s financial services specialists can help, contact our team.