New York Says Banks Responsible for Vendors' Cyber Risk

by: Carter Pape

The New York Department of Financial Services (NYDFS) reaffirmed that banks remain fully accountable for cybersecurity risks posed by third-party vendors. While the guidance does not impose new requirements, it stresses that banks cannot delegate compliance responsibility, highlighting past enforcement actions. Institutions must implement robust due diligence, contractual provisions, ongoing monitoring and risk management policies, including assessing “fourth parties,” contingency plans and geopolitical risks.

Read the full article on American Banker

Share the Wealth: Tips for Submitting Your Thought Leadership to BISA’s Portfolio

by BISA Staff

11.05.25

Advisors Must Get Women Involved in Financial Decisions

by Financial Advisor

11.04.25

GOP Takes Aim Anew at ESG in Retirement Investing

by James Van Bramer

QUICK LINKS

BUSINESS TRANSFORMATION
REGULATORY & COMPLIANCE
STAFFING & CULTURE
SALES & MARKETING
PODCAST

CONTACT BISA 2001 K Street, NW, 3rd Floor North Washington, DC 20006
p:	202-367-1111
f:	202-367-2111
e:	bisa@BISAnet.org