nydfs
Safeguard articles tagged "nydfs" — guides, analysis, and best practices for software supply chain and application security.
6 articles
NY DFS 23 NYCRR 500 amendments and third-party software risk in 2026
The November 2023 amendments to NY DFS 23 NYCRR Part 500 tightened third-party service provider requirements and added new obligations around software supply chain risk. Covered entities are now in steady-state implementation.
NYDFS Part 500: The November 2025 Deadlines, One Year On
The Second Amendment to NYDFS Part 500 added universal MFA and an asset inventory mandate on November 1, 2025. The April 2026 certification reveals where covered entities stand.
Supply Chain Security for Financial Services 2026
Supply chain security for financial services in 2026 means DORA, NYDFS 500, FFIEC, and OCC expectations. A practical guide for banks, insurers, and fintechs.
Financial Services Supply Chain Controls for 2026
What banks, broker-dealers, and insurers should require from their software vendors in 2026: DORA, NYDFS Part 500, OCC guidance, and the operational resilience controls that actually hold up.
NYDFS 500 Meets SBOM Requirements
23 NYCRR Part 500 was amended in 2023 with stronger third-party and vulnerability management language. For covered financial entities, SBOM practice has quietly become a compliance expectation.
NYDFS Cybersecurity Regulation: Software Security Requirements for Financial Firms
New York's DFS cybersecurity regulation sets a high bar for financial institutions. Here's how the 2023 amendments affect software supply chain practices.