NYDFS Reg 500 Compliance

Cyber security Alert

On March 10th, 2020, the New York Department of Financial Services issued a letter to industries requesting necessary preparedness plans be submitted by April 9, 2020. CyberCompass software can help you offer your clients business continuity and pandemic plans quickly.  Contact us to see how we can partner with you.

The financial industry is under cyber siege. Because of this, NYDFS cyber security regulations are leading the way toward greater data privacy. They address the increasing number of cyber attacks on the financial industries. NYDFS Reg 500 Compliance Regulation (23 NYCRR 500) created cybersecurity rules for financial services companies.

The NYDFS supervises banks, insurance companies, and other financial service companies. For example, more specific companies are: 

  • Credit Unions
  • Health Insurers
  • Investment Companies
  • Licensed Lenders
  • Private Bankers
  • Offices of Foreign Banks
  • Commercial Banks
  • Life Insurance Companies
  • Mortgage Brokers
  • Savings and Loans Associations

No matter your business needs, CyberCompass takes you beyond basic compliance. Our holistic solutions cover your people, processes, technology and vendors.

NYDFS Reg 500 Compliance required by June 1, 2020.

NYDFS regulations can mean potential fines – up to $500,000 in less than a week.


For example, these large fines can add up quickly:

  • $2,500 per day while a violation continues
  • $15,000 per day for reckless or unsound practices
  • $75,000 per day for a knowing and willful violation

Being NYDFS exempt does NOT mean you are EXCUSED

NYDFS 500 allows certain covered entities to be exempt from not having to meet some NYDFS cyber security regulations. For more information about NYDFS exemption status click here.

Many entities with exemption status may not know they are still required to complete a risk assessment. In addition, they must revise policies and procedures, publish a Third Party Provider Security Policy and document a cybersecurity program.  As a result, those that comply can avoid possible fines and penalties.

CyberCompass® simplifies the confusing and frustrating requirements for NYDFS Reg 500 compliance. We make it simple, easy and affordable.

As a result, CyberCompass® automated compliance software gives you fast, effective solution. Protect your business and clients with NYDFS compliance by the June 1, 2020 deadline.

We have built solutions for EXEMPT and NON-EXEMPT companies.

With CyberCompass, you don’t have to be a NYDFS expert to get compliant quickly. Our certified Commander guides you through the assessment, creation of policies and procedures, correcting vulnerabilities and empowers you to learn to manage your cyber resilience.

Get and Stay NYDFS Compliant

  • Combine NYDFS Reg 500 and CIS-20 regulations into a single survey, saving time and money
  • Get a prioritized risk report, allowing you to plan and budget corrective actions
  • Complete suite of policies and procedures that comply with NYDFS regulations
  • Receive the compliance certificate required by the DFS
  • Maintain all documentation in our online, encrypted vault
  • CyberCompass Academy provides cybersecurity awareness training for your employees

CyberCompass® is now being offered to all eligible ELANY members at no cost. If you are an ELANY member, click here to activate your FREE account.

cyber hygiene

Get your cyber hygiene checklists today!

Please tell us a little about yourself

Thank you for downloading our checklists

Download the case study

Learn more about how CyberCompass has helped companies just like you!

Thank you for downloading our case study

Download the case study

Learn more about how CyberCompass has helped companies just like you!

Thank you for downloading our case study

Share This