This article was originally published in Corporate Compliance Insights, February 2024
Companies may find existing systems need augmenting to meet new rules
Recent amendments to the New York Department of Financial Services 23 NYCRR Part 500, which more than a half-decade ago transformed cybersecurity compliance for thousands of insurance, financial services and healthcare organizations, threaten to shake things up again by adding new requirements. Joseph Shepley of Alvarez & Marsal offers guidance to CISOs at covered organizations.
The New York Department of Financial Services’ 23 NYCRR Part 500 has been a part of the compliance landscape for insurance, financial services and healthcare organizations since 2017. Part 500 has transformed the cybersecurity posture of these covered entities, benefiting consumers, employees and other data subjects whose personal data organizations process.
While all the recent amendments to Part 500 have been the subject of considerable discussion, the changes to Section 500.13 will likely have the biggest weight, governing how covered entities manage (and dispose) of their non-public information (NPI) so they can remain Part 500 compliant.
Click the button below to read the full article and learn more about Part 500 compliance.
Read the Full Article Here
Preventing Financial Blind Spots: The Role of Forensic Accountants in Early Dispute Resolution
March 16, 2026
The right dispute strategy often begins with understanding what the financial evidence can actually support. Senior Director Kelvin Cheong explores how early forensic insight can help parties preserve evidence, assess financial viability, and approach negotiations, arbitration, or litigation with greater clarity and confidence.
Alvarez & Marsal with Transparency International’s CEO Clancy Moore
April 9, 2026
In our latest episode of Conversation with Podcast, Senior Director Michelle Jones is joined by Clancy Moore, CEO of Transparency International Australia.
AI Technology Export Enforcement: 5 Signals Companies Cannot Afford to Miss
April 7, 2026
AI export enforcement is accelerating, bringing tougher penalties, expanding liability, and increased oversight. This article outlines five recent enforcement signals that should prompt an immediate compliance review.
The White House’s AI Legislative Framework and the Unsettled Future of State AI Laws
April 3, 2026
This article examines the Trump administration’s March 20, 2026, “National Policy Framework for Artificial Intelligence Legislative Recommendations” and the central governance question it raises: Will Congress create a national AI standard that displaces portions of the current state-law patchwork?
