New York Mortgage Licensees Face Looming Deadline

WASHINGTON - Aug. 22, 2017 - PRLog -- Long before the the FBI released its Internet Crime report for 2016, New York State took the lead on requiring financial service companies to thoroughly evaluate their information security systems. The reason: New York has the highest dollar loss per incident of any state.

<iframe src="//www.slideshare.net/slideshow/embed_code/key/kbyIsbWyzLFFRw" width="595" height="485" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" style="border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;" allowfullscreen> </iframe> <div style="margin-bottom:5px"> <strong> <a href="//www.slideshare.net/tmortgan/cyber-crime-and-information-security-2017" title="Cyber crime and information security 2017" target="_blank">Cyber crime and information security 2017</a> </strong> from <strong><a href="https://www.slideshare.net/tmortgan" target="_blank">Thomas Morgan</a></strong> </div>



Washington, DC area firm, MortgageManuals.com, has created a system for non-bank mortgage companies that allows them to take a common-sense approach to assessing information security risks.

According to MortgageManuals.com Compliance Officer, Thomas Morgan, the company builds in human process tools on top of written policies. "We do this because we know that most line personnel don't have the time to read company policies and procedures. Even if they did, simply knowing what's required doesn't mean they will be able to make sure it happens. So we build tools for the employees to use in their jobs. This way both the compliance officer and the employee know that he or she is doing what's necessary to comply."

For New York companies, the issue may be more pressing than potential risks and process. According to a March 27, 2017 article in the Mortgage News Digest. "small companies [which don't own their own infrastructure] have to file an exemption by August 28, 2017 in order to avoid having to comply with the full scope of the rules.'

"In the context of this type of massive regulation, the too-big-to-fail companies may have a resource advantage." says Mr. Morgan. "We try and provide a resource for those too-small-to-comply companies."  He continues "Small companies might feel like they slip below the radar [of internet criminals], but they represent the soft underbelly. In addition to being the most vulnerable, they can least afford the financial consequences of a loss."

New York licensees should go to the New York State Department of Banking Cybersecurity Page before August 28, 2017, to understand their responsibilities. The link is: http://www.dfs.ny.gov/about/cybersecurity.htm