N.Y. financial regulator to delay cyber security rules
(Reuters) — New York's financial regulator will delay an anticipated Jan. 1 deadline for banks and insurers doing business in the state to comply with controversial cyber security rules, a person familiar with the matter said.
The regulator, the New York State Department of Financial Services, will publish a revamped version of its cyber security rules in the New York State Register on Dec. 28, the person said.
The new effective date, following a public review period, will be March 1, 2017, the person said.
Banks and insurers have been fighting for an extension of the compliance deadline and other changes ever since the regulator formally unveiled the proposed rules in September.
On Monday, banking and insurance industry representatives voiced their concerns about the rules in a hearing before New York state lawmakers. Among their objections: The rules did not distinguish between small and large financial institutions and would possibly conflict with future U.S. government cyber security rules.
The New York regulator received more than 150 letters from banking and insurance industry groups, among others, in response to the cyber security plan.
Other changes to be included in the revised rules are unclear.
Read Next
-
NAIC cyber security model law to be released in 2017
MIAMI — The third and final draft of the National Association of Insurance Commissioners’ cyber security model law won’t be ready for consideration until 2017, according to South Carolina Insurance Director Ray Farmer, the vice chair of the NAIC’s cyber security task force.
