Davis Polk’s Data Breach Portal and Breach Notification Assessment Tool Move to Client Beta Testing

We are pleased to announce that client beta testing has begun for the Davis Polk Data Breach Notification Resource Portal—a secure online suite of tools designed to assist clients in preparing and planning for a possible data breach, and help them comply with state and federal law obligations to inform customers, regulators, and law enforcement.  Utilizing a simple, query-based portal, the Notification Assessment Tool allows clients to receive rapid privileged legal advice on notification … Continue Reading

Davis Polk Memo – Banking Regulators Float Broad Cyber Risk Approach

We have issued a memo on recent proposed U.S. federal banking regulations that could significantly expand the existing cybersecurity regulatory framework for covered financial institutions. The Enhanced Standards intend to strengthen cyberattack preventative measures and post-attack responses.

Read the Full Memo »Continue Reading

FinCEN Issues Advisory and FAQs on Cyber-Events and Cyber-Enabled Crime

 FinCEN Issues Advisory and FAQs on Cyber-Events and Cyber-Enabled Crime (10/27)

On October 25, 2016 FinCEN issued an advisory and FAQs to financial institutions regarding their Suspicious Activity Report (SAR) obligations with respect to cyber-events, cyber-enabled crime, and cyber-related information as those terms are defined. The FAQs supersede previous FAQs issued in 2001. The advisory and FAQ also discuss collaboration between in-house BSA/AML teams (e.g., noting that the BSA/AML teams need not have personnel devoted … Continue Reading

Davis Polk Memo – New York State Department of Financial Services Proposes New Cybersecurity Regulations

We have issued a memo on recent proposed cybersecurity regulations by the New York State Department of Financial Services that would be more stringent than existing federal requirements for certain financial entities. The memo highlights similarities and differences between the proposed regulations and federal regulations and guidance.

Read the Full Memo »Continue Reading

CFPB Brings First Ever Data Security Enforcement Action: Review and Analysis

CFPB Brings First Ever Data Security Enforcement Action: Review and Analysis (3/9)

On March 2, 2016, the CFPB announced that it had settled an enforcement action with Dwolla, Inc., an online payment platform, for making allegedly deceptive statements regarding its data security practices and the safety of its online payment system. Dwolla agreed to pay a $100,000 civil penalty and to undertake measures to improve its data security.… Continue Reading

LexBlog