OCC

What’s the OCC Banking Regulatory Outlook for 2022?

As the year’s end approaches, the US Office of the Comptroller of the Currency (OCC), a primary US banking regulator, has published its Banking Supervision Operating Plan for 2022. As you might expect, much of the OCC’s focus is on managing the repercussions of the pandemic and the resulting economic, financial, operational, and compliance implications. The specific points it…
Read More
Payments

CNIL Publishes White Paper on Digital Payments and Data Privacy

The French Data Protection Authority’s white paper discusses how companies can comply with data privacy and security obligations. The use of card, contactless, and innovative digital payment solutions has significantly increased in recent years, fueled by the immediate impacts of the ongoing COVID-19 pandemic and the longer-term growth of e-commerce and open banking. In this…
Read More
Fintech

Fintech Cybersecurity: A Plan for Innovation with Risk Mitigation

As the fintech industry rushes ahead to integrate new technologies, it’s leaving the door open for cyber attackers. The financial technology (fintech) industry is evolving at breakneck speed, driven in large part by its rapid adoption of innovative new technologies like artificial intelligence and blockchain-powered assets. By 2026, the current global fintech market is projected to…
Read More
Cybersecurity

New York DFS Issues New Cybersecurity Guidance

Under New York’s Cybersecurity Regulation, issued in 2017, any entity (a “Covered Entity”) regulated by the New York State Department of Financial Services (DFS) must maintain a risk-based cybersecurity program that protects its information systems and nonpublic data. For years, DFS has allowed Covered Entities to adopt the cybersecurity program of an affiliate. This has…
Read More
Data Protection

Opinion: How the U.S. Government’s Efforts Can Improve Data Privacy and Protection in 2021

This year, cybersecurity incidents, such as data breaches, have led to the proliferation of identity theft and fraud, facilitated by a lack of digital identity verification credentials. Additionally, data privacy legislation has gained momentum at the state level and become a key area of concern for lawmakers and citizens alike. Meanwhile, artificial intelligence and blockchain…
Read More
Safeguards Rules

FTC Makes Significant Changes to GLBA Safeguards Rule

The FTC’s final rule released last week amending its Standards for Safeguarding Customer Information (Safeguards Rule) under the Gramm-Leach-Bliley Act (GLBA) will require significant changes in data security policies and procedures to be made by non-bank financial institutions covered by the Safeguards Rule.  Such institutions include finance companies, mortgage companies and brokers, motor vehicle dealers, small-dollar…
Read More
Cryptocurrency

DOJ Announces National Cryptocurrency Enforcement Team

On October 6, the Department of Justice (“DOJ”) announced the creation of a National Cryptocurrency Enforcement Team (“NCET”).  The DOJ press release is set forth in part below, without further commentary, other than to observe that the NCET’s stated goals are to address issues on which we repeatedly have blogged:  crypto exchangers and their AML obligations; the…
Read More
Cyber Security Leaders

How to Build Back Better With Cybersecurity as a Core Principal

By JC Gaillard A comment left on one of my articles made me think: How can cybersecurity leaders drive a long-term transformative agenda, with a business and a board that cannot see beyond the short-term? I see several angles worth discussing around the way the question was put, which may help break some deadlocks. Endemic…
Read More
Cfpb And Fintech

Why Fintech Companies Want to be Regulated by the CFPB

It’s unusual to see an industry making a formal request to be regulated, but that’s exactly what fintech data aggregators are asking of the Consumer Financial Protection Bureau (CFPB).  Companies like Plaid and Robinhood have reasoned that more oversight by the CFPB comes with access to more consumer data–which in turn would allow fintech companies…
Read More

2020 News in Review

Week Ending December 28  ICO Warns SolarWinds Victims to Report Breaches  The United Kingdom’s Information Commissioner’s Office (ICO) has issued a warning to organizations compromised by the SolarWinds breach. The breach, which was carried out by Russian hackers, affected more than 18000 organizations worldwide. ICO requires UK data controllers subject to NIS regulations to report…
Read More
Back To Top