New York
08 March 2017
Reporter: Becky Butcher
Captives ‘exempt’ from New York cyber rules
Captive insurance companies are ‘exempt’ from the new cyber security regulation that came into effect in New York on 1 March.

The new regulation requires financial institutions to implement robust controls to detect, prevent and report cyber incidents.

As well as captive insurance companies, other ​exempt entities include small covered entities, designees covered by another, and those that do not possess or handle non-public information.

​All exempt entities must still file a certificate of exemption with the New York State Department of Financial Services (NYDFS) within 30 days.

According to Romaine Marshall and Matt Sorensen of law firm Holland & Hart, the impact of the new regulation will be “felt far beyond the state of New York and will likely become the baseline standard for the industry”.

The new regulation requires banks, insurance companies, and other financial services institutions regulated by the NYDFS to establish and maintain cyber security programmes designed to protect consumers’ private data and ensure industry safety.

Requirements include conducting periodic risk assessments, maintaining a cyber security programme based on the risk assessment, complying with governance and staffing requirements, and providing regular cyber security awareness training.

Marshall and Sorensen suggested that although the regulation became effective on 1 March, there will be a transition period of between one and two years for most financial institutions to comply.

“Full compliance with such an expansive regulation will [still] be challenging,” they added.

More regulation news
The latest news from Captive Insurance Times
Join Our Newsletter

Sign up today and never
miss the latest news or an issue again

Subscribe now
OECD releases additional guidance on CbC reporting
21 July 2017 | Brussels | Reporter: Becky Butcher
The Organisation for Economic Co-operation and Development (OECD) has provided further guidance on the implementation of country-by-country (CbC) reporting under its framework on base erosion and profit shifting (BEPS) initiative
UK government sets out new ILS framework
21 July 2017 | London | Reporter: Becky Butcher
The UK Treasury has published new rules for insurance-linked securities (ILS) as the country aims to grab a share of the rapidly growing market
US agrees to sign US-EU covered agreement
18 July 2017 | Washington DC | Reporter: Becky Butcher
The US Department of the Treasury and the Office of the US Trade Representative have revealed their intent to sign the bilateral agreement between the US and EU regarding insurance and reinsurance
UK to implement ILS regime this autumn
27 June 2017 | London | Reporter: Becky Butcher
London’s insurance-linked securities regulation is now being finalised by the UK Government ready for implementation this autumn, according to a letter sent from HM Treasury to the London Market Group’s Nicolas Aubert
Texas governor signs off captive bill updates
19 June 2017 | Austin | Reporter: Becky Butcher
Texas governor Greg Abbott has signed the state’s new captive bill into law
New FHLB legislation could see captives return
16 June 2017 | Washington DC | Reporter: Becky Butcher
US legislators have introduced a new bill to allow captive insurance companies that were members of a Federal Home Loan Bank (FHLB) prior to 12 September 2014 to return to the fold
SIIA asks Treasury to look at Notice 2016-66
15 June 2017 | Washington DC | Reporter: Becky Butcher
The Self-Insurance Institute of America (SIIA) has asked the US Treasury to include Notice 2016-66 in the President Donald Trump-ordered review of US tax rules