New York state’s Department of Financial Services suspended proposed cybersecurity regulations, as advocated by ICBA and the Independent Bankers Association of New York State. In place of its proposal scheduled to take effect on Jan. 1, the state regulator said it plans to release a revised version on Dec. 28 with an expected effective date of March 1, 2017, according to reports.
ICBA and IBANYS last month asked the NYDFS to suspend the rule. Among its provisions, the previous proposal would have significantly increased reporting rules, required bank board chairs to certify compliance, and mandated employment of a chief information security officer, among other burdensome requirements.
In their joint letter, ICBA and IBANYS noted that the proposal does not account for the size, scope and complexity of financial institutions and would significantly expand cybersecurity mandates on community banks.