On November 1, 2023, the New York Department of Financial Services (“NYDFS”) finalized the amendment to its cybersecurity regulation (the “Amendment”). The Amendment expands cybersecurity requirements across many areas—from governance to incident response to access controls.

The Amendment follows the three published drafts: two proposals published for formal notice and comment in November 2022 and

The Second Amendment to the New York Department of Financial Services’ (“NYDFS”) Cybersecurity Requirements for Financial Services Companies (the “NYDFS Requirements”) is expected to be published in final form in the next two weeks. The Second Amendment will follow updated proposed amendments to the NYDFS Requirements published on June 28, 2023 (the “2023 Proposal”),1

In typical email fraud cases, victims can rarely trace their funds to ‘first layer’ bank account(s) where they were initially persuaded by fraudsters to transfer their money. Usually, by the time fraud is discovered, the funds are long gone; or transferred onwards to second, third or even fourth-layer recipients, who may well be innocent third

Payments & FinTech Lawyer has published Gabriela Kennedy’s article on a statement issued by the Hong Kong Privacy Commissioner (PC) setting out advice on the collection of personal data by Stored Value Facilities (SVF) operators, as the first five stored value facility licenses were granted by the Hong Kong Monetary Authority (HKMA) under the Payment

Cybersecurity and data privacy were high priority issues in 2015 for companies in a broad range of industries. This year is poised to see cybersecurity and data privacy continue to grow in importance for companies doing business in the United States and for US businesses operating globally. In our 2016 Outlook, we highlight five priority