An NYDFS-Regulated Bank’s Guide to Proper Internal Audits

AGG Privacy & Cybersecurity and Emerging Technologies attorneys Jackie Cooney, Allison Raley, and Erin Doyle authored a Law360 article titled “An NYDFS-Regulated Bank’s Guide to Proper Internal Audits,” published on April 12, 2024.

“The New York State Department of Financial Services regulates a wide range of entities within the financial sector with the goal to protect consumers and maintain the integrity of the financial system,” the attorneys said. “Additionally, the NYDFS is quickly becoming a guiding light illuminating where the tides of federal regulation may settle in the future.”

As the NYDFS expects full compliance with its regulations, Jackie, Allison, and Erin emphasize that there is no leeway for best efforts to meet requirements — although good faith efforts are likely to be viewed as a mitigating factor.

The article reviews the NYDFS’ December 2023 final guidance related to financial institutions’ assessment and management of climate-related and operational risks. This includes addressing how to ensure proper internal audit review has been conducted prior to the compliance certification deadlines on April 15 for transaction monitoring requirements set forth in Title 3 of the New York Codes, Rules, and Regulations, Part 504; and April 29 deadlines for cybersecurity regulations set forth in Title 23 of the New York Codes, Rules, and Regulations, Part 500.

“To properly advise NYDFS-covered entities, one must have not only a deep understanding of the attestation requirements themselves, but also all elements that ensure proper attestation,” said Jackie, Allison, and Erin.

To read the full article, please click here.