Lexology | By: Patterson Belknap| September 18, 2017:
Today, New York Governor Andrew M. Cuomo announced that he has directed the Department of Financial Services (DFS) to issue a new regulation requiring “credit reporting agencies to register with” the DFS, as well as comply with the Department’s “first-in-the-nation cybersecurity standard.”
According to Governor Cuomo, the Equifax breach was a “wakeup call,” and New York is now “raising the bar for consumer protections” with the “hope” the DFS’s approach “will be replicated across the nation.”
The DFS wasted no time following the Governor’s instructions. This morning, the Department announced a proposed regulation that places credit reporting agencies squarely within the purview of the DFS, prohibits them from committing “any unfair” act, and requires them to comply with the DFS cybersecurity regulation.
The proposed regulation—which is subject to the statutory 45-day-reporting and public-comment period—includes a litany of detailed and unprecedented requirements for “consumer credit reporting agencies”…
To read full article – please click here.
