NYDFS Fines Residential Mortgage Services $ 1.5 million for non-compliance with New York’s cybersecurity regulation
To print this article, all you need to do is be registered or log in to Mondaq.com.
On March 3, 2021, the New York Treasury Department (NYDFS) announced the execution of one Consent order (the contract) with Residential Mortgage Services, Inc. (RMS), a NYDFS licensed mortgage banker and mortgage loan service provider. The ordinance imposes a fine of RMS 1,500,000 for violating the Cybersecurity Ordinance, Part 500 of Title 23 of the New York Codes, Rules and Regulations (Part 500). According to the regulation, RMS failed to meet its Part 500 obligations by inadequately responding to a data breach and not conducting a comprehensive cybersecurity risk assessment. This action is the latest demonstration of the seriousness with which the NYDFS is approaching enforcement of Part 500, which went fully into effect in March 2019.
The regulation serves as a warning and guide for financial institutions that may cause them to re-evaluate whether their existing cybersecurity guarantees, policies and procedures are sufficient to meet Part 500 requirements. In addition, it increases the need for affected companies to be fully compliant with all aspects of Part 500 – even if companies believe their cybersecurity measures are appropriate to their risk or meet industry standards.
Read this to learn more about the Order and its impact on the financial services industry Advisory.
The content of this article is intended to provide general guidance on the subject. A professional should be obtained about your particular circumstances.
POPULAR ARTICLES ABOUT: Technology Made in the United States