New York
08 March 2017
Reporter: Becky Butcher

Captives ‘exempt’ from New York cyber rules


Captive insurance companies are ‘exempt’ from the new cyber security regulation that came into effect in New York on 1 March.

The new regulation requires financial institutions to implement robust controls to detect, prevent and report cyber incidents.

As well as captive insurance companies, other ​exempt entities include small covered entities, designees covered by another, and those that do not possess or handle non-public information.

​All exempt entities must still file a certificate of exemption with the New York State Department of Financial Services (NYDFS) within 30 days.

According to Romaine Marshall and Matt Sorensen of law firm Holland & Hart, the impact of the new regulation will be “felt far beyond the state of New York and will likely become the baseline standard for the industry”.

The new regulation requires banks, insurance companies, and other financial services institutions regulated by the NYDFS to establish and maintain cyber security programmes designed to protect consumers’ private data and ensure industry safety.

Requirements include conducting periodic risk assessments, maintaining a cyber security programme based on the risk assessment, complying with governance and staffing requirements, and providing regular cyber security awareness training.

Marshall and Sorensen suggested that although the regulation became effective on 1 March, there will be a transition period of between one and two years for most financial institutions to comply.

“Full compliance with such an expansive regulation will [still] be challenging,” they added.

More regulation news
The latest news from Captive Insurance Times
Join Our Newsletter

Sign up today and never
miss the latest news or an issue again

Subscribe now
US and EU sign covered agreement
22 September 2017 | Brussels | Reporter: Becky Butcher
The US and EU have signed the bilateral covered agreement on insurance and reinsurance
GFSC addresses Solvency II and IAIS capital standards project
20 September 2017 | St Peter Port | Reporter: Becky Butcher
The Guernsey Financial Services Commission (GFSC) has launched a discussion paper seeking the industry’s feedback on the evolution of the island’s global and European insurance capital standards
DARAG completes Ikano captive transaction
08 September 2017 | Jerusalem | Reporter: Katherine Brown
DARAG has completed an Israeli reinsurance transaction and received regulatory approval for the acquisition of Ikano Försäkring, the Stockholm-based Swedish captive owned by Ikano Group
Avrahami might not have all the answers, says Feldman
29 August 2017 | Houston | Reporter: Becky Butcher
The US Tax Court’s ruling in Avrahami might not be the victory for the IRS that everyone thinks it is, according to Stewart Feldman, CEO and general counsel of Capstone Associated Services
Avrahami provides clarity for 831(b)s
25 August 2017 | Burlington | Reporter: Becky Butcher
The ruling of the Avrahami vs Commissioner of Internal Revenue court case finally provides additional clarity for captives organised under Section 831(b), according to Anne Marie Towle of JLT
Experts react to Avrahami
23 August 2017 | Washington DC | Reporter: Becky Butcher
The US Tax Court’s decision to back the Internal Revenue Service in its dispute with Benyamin and Orna Avrahami over their micro captive should encourage those involved in similar arrangements to revisit them
Disappointing outcome for micro captives in Avrahami
22 August 2017 | Washington DC | Reporter: Becky Butcher
The US Tax Court has backed the Internal Revenue Service’s decision to deny Benyamin and Orna Avrahami access to the Internal Revenue Code Section 831(b) election for certain financial years