At the Nationwide Multistate Licensing System (NMLS) Annual Conference, state financial regulators released an updated cybersecurity examination tool for nonbank financial company supervision. The tool is designed for state regulators to use in examinations, but “companies are encouraged to use it to assess their cybersecurity health between examinations.”
State regulators are continuing to find new ways to help mitigate the ever-evolving cybersecurity risks that face nonbank financial companies. The Baseline Nonbank Security Exam Program (Exam Program) was originally developed to evaluate cyber risk management and identify weaknesses in an entity’s security program that require attention. The cybersecurity tool is the newest component of the Exam Program to assist state regulators in examining less complex and lower risk institutions.
An additional tool for more complex institutions is under development and is expected to be released in the second quarter of this year.