17 March 2018
Breana Patel- Bonova Advisory
Breana Patel

Breana Patel- Bonova Advisory

Breana Patel - Bonova Advisory | Risk &Regulatory Advisory

13Posts 108,002Views 2Comments
Finextra community

Financial Services Regulation

This network is for financial professionals interested in staying up to date on financial services regulation happening anywhere in the world. CFOs, bankers, fund managers, treasurers welcome.

Cyber Security Regulations : Financial Services

29 September 2017  |  12734 views  |  0

We live in an age where the threat of cyberattacks is seemingly imminent. As a result, many firms in the financial services and banking industries have stepped their game up and created specific security teams that can endure the various threats made by individual or organizational assailants. Also, to combat this risk, many regulatory bodies have done their part, by raising the threat level and introducing new privacy legislation every year.

In Retrospect

Whether it's a "lone wolf" or an organization, cyber-attackers are persistently discovering weaknesses to prey on. But with consumer privacy becoming more imperative with every passing day, it is necessary for firms to be able to withstand these attacks. As of late, many central financial institutions have cooperated on proposing a set of rules on cyber risk management standards. 

In response, the ‘Department of Financial Services' of New York State issued revolutionary cybersecurity regulations in February of this year. Taking effect on the 1st of March, the primary focus of this directive was to protect consumer data and financial systems from cyber attacks. New York governor, Andrew Cuomo believes that these "first-in-the-nation" regulations will help guarantee that the industry will have the necessary precautions in place to protect both consumers and producers from devastating cybercrimes.
Many of the terms defined in the document issued by the DFS are already in effect for most of the entities covered by the Gramm-Leach-Bliley Act (GLBA), and they are, therefore, largely unaffected. But some regulations surpass the requirements of the GLBA and all covered entities must adopt them. The GLBA however, mainly concerns itself with large firms and institutions. Consequently, many other financial service firms and smaller banks have had trouble adopting the statute due to discourse over guidance issues.

Financial services industry ups its game
Financial institutions and banks (the latter of which, extensively use digital technology) have begun exploring new technologies that can identify and prevent cyber attacks. Because some banks use technology like ATMs, voice biometrics is being implemented as an additional security measure. Moreover, banks are utilizing features such as social log-ins and content-based identification. Leading financial services firms have increased their annual cybersecurity budget substantially.

The entities covered by the New York State's new regulations were permitted 6 months from the effective date to comply with most of the terms, past which, non-compliance will not be tolerated. This makes the next couple of months extremely vital for institutions that haven't fulfilled the requirements.

To be one step ahead of possible attacks though, banks will need to regularly evaluate their potential vulnerabilities. Their threat levels should be under constant surveillance to forecast possible problems, and threat intelligence should be employed to understand when potential cyber attackers might attempt to take advantage of such holes in their armor.

Looking forward

Banks and financial institutions should take a proactive stance towards cyber security, which means relentlessly pursuing new technologies. When it comes to protecting consumer data, firms must comply with state, federal, and international privacy laws. With the advent of artificial intelligence which will present new risks, banks and financial services firms must find ways to effectively combat these risks.
Firms should consider cyber security, anti-fraud, and AML efforts. They should also launch a risk-based cybersecurity program while simultaneously complying with regulatory requirements. To conclude, when it comes to developing new products and services, the financial firms and banks should prioritize cybersecurity and the consumer's privacy.
On the other hand, banks, and firms can only do so much and will always look for ways to conserve money. It is up to the state regulatory bodies to ensure that they have solid regulations in place regarding cybersecurity. Once that happens, financial institutions will have to comply or suffer the consequences. The reason that these regulations need to be strict and the level of cybersecurity needs to be stellar is that these firms deal extensively in consumer data. Privacy is not a privilege; it is a human right. Here's how other states are looking to emulate New York and keep our private data secure: 

State Priority

New York
Broadening the definition of ‘consumer data' and protecting financial systems from cyber attacks (focusing on the systems rather than the individual consumer)

Broker-dealers and investment advisors – They will have to comply with cybersecurity measures to ensure the protection of confidential personal customer information

Similar updates to their laws following in the steps of New York. Their primary focus is to restrict government access to emails and other online communications.

New Mexico
Regulations will be more "consumer data" focused than the regulations set by New York which concentrate more on the entities data collection systems.

Focused on the consumer's "right to know" what kind of information is being collected on them.

TagsSecurityRisk & regulation

Comments: (1)

A Finextra member
A Finextra member | 29 September, 2017, 18:09

New York leading state to implement cyber security regulations in banks!

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Latest posts from Breana

Blockchain in Capital Markets

01 March 2018  |  6614 views  |  0 comments | recomends Recommends 0 TagsBlockchainTrade executionGroupCapital Markets Technology

How can Blockchain Help with AML KYC

12 February 2018  |  10083 views  |  3 comments | recomends Recommends 1 TagsBlockchainRisk & regulationGroupBusiness Knowledge for IT

FinTech, RegTech and SupTech

29 January 2018  |  13259 views  |  0 comments | recomends Recommends 1 TagsArtificial IntelligenceInnovationGroupInnovation in Financial Services

Risk of Misunderstanding Cyber Security

19 January 2018  |  8270 views  |  0 comments | recomends Recommends 0 TagsSecurityRisk & regulationGroupBusiness Knowledge for IT

Breana's profile

job title CEO | Thought leader in Bank Regulations
location New York
member since 2017
Summary profile See full profile »
Founder of Bonova Advisory a management consulting firm that helps Financial services and government agencies navigate today's most complex regulatory, risk and operational environments.

Breana's expertise

Member since 2017
8 posts2 comments
What Breana reads
Wall street journalRisk

Who's commenting on Breana's posts

Mike Ray
Michael King
Behzod Sabirov
Ramdas Narayanan