Photo of Steven M. Kaplan

Steven Kaplan is a partner in Mayer Brown’s Washington DC office and a member of the Consumer Financial Services group. He concentrates his practice on matters related to consumer financial products and represents clients in federal and state supervisory matters, investigations and enforcement proceedings. He also advises clients on compliance with federal and state laws governing licensing and practices of financial institutions, mortgage lenders, consumer finance companies, loan servicers, prepaid card issuers, payment system providers and secondary market participants. Steven acts as regulatory counsel in connection with investments or acquisitions related to consumer loans and other consumer financial products and performing regulatory compliance due diligence. Additionally, Steven assists with structuring operations and developing compliance management systems and due diligence programs and with litigation involving regulatory compliance matters.

Read Steve's full bio.

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) finalized the amendment to its cybersecurity regulation (the “Amendment”). The Amendment expands cybersecurity requirements across many areas—from governance to incident response to access controls.

The Amendment follows the three published drafts: two proposals published for formal notice and comment in November 2022 and

On February 16, 2017, the New York State Department of Financial Services (“NYDFS”) finalized regulations that mandate cybersecurity standards for all institutions authorized by NYDFS to operate in New York, including many banks, insurance entities and insurance professionals doing business in New York. The final regulations, titled “Cybersecurity Requirements for Financial Services Companies,” implement a